001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.RequiredUserException;
018    import com.liferay.portal.ReservedUserEmailAddressException;
019    import com.liferay.portal.UserEmailAddressException;
020    import com.liferay.portal.UserScreenNameException;
021    import com.liferay.portal.kernel.exception.PortalException;
022    import com.liferay.portal.kernel.exception.SystemException;
023    import com.liferay.portal.kernel.search.Indexer;
024    import com.liferay.portal.kernel.search.IndexerRegistryUtil;
025    import com.liferay.portal.kernel.util.ArrayUtil;
026    import com.liferay.portal.kernel.util.GetterUtil;
027    import com.liferay.portal.kernel.workflow.WorkflowConstants;
028    import com.liferay.portal.kernel.workflow.WorkflowThreadLocal;
029    import com.liferay.portal.model.Address;
030    import com.liferay.portal.model.Company;
031    import com.liferay.portal.model.Contact;
032    import com.liferay.portal.model.EmailAddress;
033    import com.liferay.portal.model.Group;
034    import com.liferay.portal.model.GroupConstants;
035    import com.liferay.portal.model.Organization;
036    import com.liferay.portal.model.Phone;
037    import com.liferay.portal.model.Role;
038    import com.liferay.portal.model.User;
039    import com.liferay.portal.model.UserGroupRole;
040    import com.liferay.portal.model.Website;
041    import com.liferay.portal.security.auth.PrincipalException;
042    import com.liferay.portal.security.permission.ActionKeys;
043    import com.liferay.portal.security.permission.PermissionChecker;
044    import com.liferay.portal.service.ServiceContext;
045    import com.liferay.portal.service.base.UserServiceBaseImpl;
046    import com.liferay.portal.service.permission.GroupPermissionUtil;
047    import com.liferay.portal.service.permission.OrganizationPermissionUtil;
048    import com.liferay.portal.service.permission.PasswordPolicyPermissionUtil;
049    import com.liferay.portal.service.permission.PortalPermissionUtil;
050    import com.liferay.portal.service.permission.RolePermissionUtil;
051    import com.liferay.portal.service.permission.TeamPermissionUtil;
052    import com.liferay.portal.service.permission.UserGroupPermissionUtil;
053    import com.liferay.portal.service.permission.UserGroupRolePermissionUtil;
054    import com.liferay.portal.service.permission.UserPermissionUtil;
055    import com.liferay.portal.util.PropsValues;
056    import com.liferay.portlet.announcements.model.AnnouncementsDelivery;
057    import com.liferay.portlet.usersadmin.util.UsersAdminUtil;
058    
059    import java.util.List;
060    import java.util.Locale;
061    
062    /**
063     * The implementation of the user remote service.
064     *
065     * @author Brian Wing Shun Chan
066     * @author Brian Myunghun Kim
067     * @author Scott Lee
068     * @author Jorge Ferrer
069     * @author Julio Camarero
070     */
071    public class UserServiceImpl extends UserServiceBaseImpl {
072    
073            /**
074             * Adds the users to the group.
075             *
076             * @param  groupId the primary key of the group
077             * @param  userIds the primary keys of the users
078             * @throws PortalException if a group or user with the primary key could not
079             *         be found, or if the user did not have permission to assign group
080             *         members
081             * @throws SystemException if a system exception occurred
082             */
083            public void addGroupUsers(
084                            long groupId, long[] userIds, ServiceContext serviceContext)
085                    throws PortalException, SystemException {
086    
087                    try {
088                            GroupPermissionUtil.check(
089                                    getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
090                    }
091                    catch (PrincipalException pe) {
092    
093                            // Allow any user to join open sites
094    
095                            boolean hasPermission = false;
096    
097                            if (userIds.length == 0) {
098                                    hasPermission = true;
099                            }
100                            else if (userIds.length == 1) {
101                                    User user = getUser();
102    
103                                    if (user.getUserId() == userIds[0]) {
104                                            Group group = groupPersistence.findByPrimaryKey(groupId);
105    
106                                            if (user.getCompanyId() == group.getCompanyId()) {
107                                                    int type = group.getType();
108    
109                                                    if (type == GroupConstants.TYPE_SITE_OPEN) {
110                                                            hasPermission = true;
111                                                    }
112                                            }
113                                    }
114                            }
115    
116                            if (!hasPermission) {
117                                    throw new PrincipalException();
118                            }
119                    }
120    
121                    userLocalService.addGroupUsers(groupId, userIds);
122            }
123    
124            /**
125             * Adds the users to the organization.
126             *
127             * @param  organizationId the primary key of the organization
128             * @param  userIds the primary keys of the users
129             * @throws PortalException if an organization or user with the primary key
130             *         could not be found, if the user did not have permission to assign
131             *         organization members, or if current user did not have an
132             *         organization in common with a given user
133             * @throws SystemException if a system exception occurred
134             */
135            public void addOrganizationUsers(long organizationId, long[] userIds)
136                    throws PortalException, SystemException {
137    
138                    OrganizationPermissionUtil.check(
139                            getPermissionChecker(), organizationId, ActionKeys.ASSIGN_MEMBERS);
140    
141                    validateOrganizationUsers(userIds);
142    
143                    userLocalService.addOrganizationUsers(organizationId, userIds);
144            }
145    
146            /**
147             * Assigns the password policy to the users, removing any other currently
148             * assigned password policies.
149             *
150             * @param  passwordPolicyId the primary key of the password policy
151             * @param  userIds the primary keys of the users
152             * @throws PortalException if the user did not have permission to assign
153             *         policy members
154             * @throws SystemException if a system exception occurred
155             */
156            public void addPasswordPolicyUsers(long passwordPolicyId, long[] userIds)
157                    throws PortalException, SystemException {
158    
159                    PasswordPolicyPermissionUtil.check(
160                            getPermissionChecker(), passwordPolicyId,
161                            ActionKeys.ASSIGN_MEMBERS);
162    
163                    userLocalService.addPasswordPolicyUsers(passwordPolicyId, userIds);
164            }
165    
166            /**
167             * Adds the users to the role.
168             *
169             * @param  roleId the primary key of the role
170             * @param  userIds the primary keys of the users
171             * @throws PortalException if a role or user with the primary key could not
172             *         be found or if the user did not have permission to assign role
173             *         members
174             * @throws SystemException if a system exception occurred
175             */
176            public void addRoleUsers(long roleId, long[] userIds)
177                    throws PortalException, SystemException {
178    
179                    RolePermissionUtil.check(
180                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
181    
182                    userLocalService.addRoleUsers(roleId, userIds);
183            }
184    
185            /**
186             * Adds the users to the team.
187             *
188             * @param  teamId the primary key of the team
189             * @param  userIds the primary keys of the users
190             * @throws PortalException if a team or user with the primary key could not
191             *         be found or if the user did not have permission to assign team
192             *         members
193             * @throws SystemException if a system exception occurred
194             */
195            public void addTeamUsers(long teamId, long[] userIds)
196                    throws PortalException, SystemException {
197    
198                    TeamPermissionUtil.check(
199                            getPermissionChecker(), teamId, ActionKeys.ASSIGN_MEMBERS);
200    
201                    userLocalService.addTeamUsers(teamId, userIds);
202            }
203    
204            /**
205             * Adds a user with additional parameters.
206             *
207             * <p>
208             * This method handles the creation and bookkeeping of the user including
209             * its resources, metadata, and internal data structures. It is not
210             * necessary to make subsequent calls to any methods to setup default
211             * groups, resources, etc.
212             * </p>
213             *
214             * @param  companyId the primary key of the user's company
215             * @param  autoPassword whether a password should be automatically generated
216             *         for the user
217             * @param  password1 the user's password
218             * @param  password2 the user's password confirmation
219             * @param  autoScreenName whether a screen name should be automatically
220             *         generated for the user
221             * @param  screenName the user's screen name
222             * @param  emailAddress the user's email address
223             * @param  facebookId the user's facebook ID
224             * @param  openId the user's OpenID
225             * @param  locale the user's locale
226             * @param  firstName the user's first name
227             * @param  middleName the user's middle name
228             * @param  lastName the user's last name
229             * @param  prefixId the user's name prefix ID
230             * @param  suffixId the user's name suffix ID
231             * @param  male whether the user is male
232             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
233             *         January)
234             * @param  birthdayDay the user's birthday day
235             * @param  birthdayYear the user's birthday year
236             * @param  jobTitle the user's job title
237             * @param  groupIds the primary keys of the user's groups
238             * @param  organizationIds the primary keys of the user's organizations
239             * @param  roleIds the primary keys of the roles this user possesses
240             * @param  userGroupIds the primary keys of the user's user groups
241             * @param  addresses the user's addresses
242             * @param  emailAddresses the user's email addresses
243             * @param  phones the user's phone numbers
244             * @param  websites the user's websites
245             * @param  announcementsDelivers the announcements deliveries
246             * @param  sendEmail whether to send the user an email notification about
247             *         their new account
248             * @param  serviceContext the user's service context (optionally
249             *         <code>null</code>). Can set the universally unique identifier
250             *         (with the <code>uuid</code> attribute), asset category IDs, asset
251             *         tag names, and expando bridge attributes for the user.
252             * @return the new user
253             * @throws PortalException if the user's information was invalid, if the
254             *         creator did not have permission to add users, if the email
255             *         address was reserved, or some other portal exception occurred
256             * @throws SystemException if a system exception occurred
257             */
258            public User addUser(
259                            long companyId, boolean autoPassword, String password1,
260                            String password2, boolean autoScreenName, String screenName,
261                            String emailAddress, long facebookId, String openId, Locale locale,
262                            String firstName, String middleName, String lastName, int prefixId,
263                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
264                            int birthdayYear, String jobTitle, long[] groupIds,
265                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
266                            List<Address> addresses, List<EmailAddress> emailAddresses,
267                            List<Phone> phones, List<Website> websites,
268                            List<AnnouncementsDelivery> announcementsDelivers,
269                            boolean sendEmail, ServiceContext serviceContext)
270                    throws PortalException, SystemException {
271    
272                    boolean workflowEnabled = WorkflowThreadLocal.isEnabled();
273    
274                    try {
275                            WorkflowThreadLocal.setEnabled(false);
276    
277                            return addUserWithWorkflow(
278                                    companyId, autoPassword, password1, password2, autoScreenName,
279                                    screenName, emailAddress, facebookId, openId, locale, firstName,
280                                    middleName, lastName, prefixId, suffixId, male, birthdayMonth,
281                                    birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
282                                    roleIds, userGroupIds, addresses, emailAddresses, phones,
283                                    websites, announcementsDelivers, sendEmail, serviceContext);
284                    }
285                    finally {
286                            WorkflowThreadLocal.setEnabled(workflowEnabled);
287                    }
288            }
289    
290            /**
291             * Adds a user.
292             *
293             * <p>
294             * This method handles the creation and bookkeeping of the user including
295             * its resources, metadata, and internal data structures. It is not
296             * necessary to make subsequent calls to any methods to setup default
297             * groups, resources, etc.
298             * </p>
299             *
300             * @param  companyId the primary key of the user's company
301             * @param  autoPassword whether a password should be automatically generated
302             *         for the user
303             * @param  password1 the user's password
304             * @param  password2 the user's password confirmation
305             * @param  autoScreenName whether a screen name should be automatically
306             *         generated for the user
307             * @param  screenName the user's screen name
308             * @param  emailAddress the user's email address
309             * @param  facebookId the user's facebook ID
310             * @param  openId the user's OpenID
311             * @param  locale the user's locale
312             * @param  firstName the user's first name
313             * @param  middleName the user's middle name
314             * @param  lastName the user's last name
315             * @param  prefixId the user's name prefix ID
316             * @param  suffixId the user's name suffix ID
317             * @param  male whether the user is male
318             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
319             *         January)
320             * @param  birthdayDay the user's birthday day
321             * @param  birthdayYear the user's birthday year
322             * @param  jobTitle the user's job title
323             * @param  groupIds the primary keys of the user's groups
324             * @param  organizationIds the primary keys of the user's organizations
325             * @param  roleIds the primary keys of the roles this user possesses
326             * @param  userGroupIds the primary keys of the user's user groups
327             * @param  sendEmail whether to send the user an email notification about
328             *         their new account
329             * @param  serviceContext the user's service context (optionally
330             *         <code>null</code>). Can set the universally unique identifier
331             *         (with the <code>uuid</code> attribute), asset category IDs, asset
332             *         tag names, and expando bridge attributes for the user.
333             * @return the new user
334             * @throws PortalException if the user's information was invalid, if the
335             *         creator did not have permission to add users, or if the email
336             *         address was reserved
337             * @throws SystemException if a system exception occurred
338             */
339            public User addUser(
340                            long companyId, boolean autoPassword, String password1,
341                            String password2, boolean autoScreenName, String screenName,
342                            String emailAddress, long facebookId, String openId, Locale locale,
343                            String firstName, String middleName, String lastName, int prefixId,
344                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
345                            int birthdayYear, String jobTitle, long[] groupIds,
346                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
347                            boolean sendEmail, ServiceContext serviceContext)
348                    throws PortalException, SystemException {
349    
350                    boolean workflowEnabled = WorkflowThreadLocal.isEnabled();
351    
352                    try {
353                            WorkflowThreadLocal.setEnabled(false);
354    
355                            return addUserWithWorkflow(
356                                    companyId, autoPassword, password1, password2, autoScreenName,
357                                    screenName, emailAddress, facebookId, openId, locale, firstName,
358                                    middleName, lastName, prefixId, suffixId, male, birthdayMonth,
359                                    birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
360                                    roleIds, userGroupIds, sendEmail, serviceContext);
361                    }
362                    finally {
363                            WorkflowThreadLocal.setEnabled(workflowEnabled);
364                    }
365            }
366    
367            /**
368             * Adds the users to the user group.
369             *
370             * @param  userGroupId the primary key of the user group
371             * @param  userIds the primary keys of the users
372             * @throws PortalException if a user group or user with the primary could
373             *         could not be found, or if the current user did not have
374             *         permission to assign group members
375             * @throws SystemException if a system exception occurred
376             */
377            public void addUserGroupUsers(long userGroupId, long[] userIds)
378                    throws PortalException, SystemException {
379    
380                    UserGroupPermissionUtil.check(
381                            getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
382    
383                    userLocalService.addUserGroupUsers(userGroupId, userIds);
384            }
385    
386            /**
387             * Adds a user with workflow and additional parameters.
388             *
389             * <p>
390             * This method handles the creation and bookkeeping of the user including
391             * its resources, metadata, and internal data structures. It is not
392             * necessary to make subsequent calls to any methods to setup default
393             * groups, resources, etc.
394             * </p>
395             *
396             * @param  companyId the primary key of the user's company
397             * @param  autoPassword whether a password should be automatically generated
398             *         for the user
399             * @param  password1 the user's password
400             * @param  password2 the user's password confirmation
401             * @param  autoScreenName whether a screen name should be automatically
402             *         generated for the user
403             * @param  screenName the user's screen name
404             * @param  emailAddress the user's email address
405             * @param  facebookId the user's facebook ID
406             * @param  openId the user's OpenID
407             * @param  locale the user's locale
408             * @param  firstName the user's first name
409             * @param  middleName the user's middle name
410             * @param  lastName the user's last name
411             * @param  prefixId the user's name prefix ID
412             * @param  suffixId the user's name suffix ID
413             * @param  male whether the user is male
414             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
415             *         January)
416             * @param  birthdayDay the user's birthday day
417             * @param  birthdayYear the user's birthday year
418             * @param  jobTitle the user's job title
419             * @param  groupIds the primary keys of the user's groups
420             * @param  organizationIds the primary keys of the user's organizations
421             * @param  roleIds the primary keys of the roles this user possesses
422             * @param  userGroupIds the primary keys of the user's user groups
423             * @param  addresses the user's addresses
424             * @param  emailAddresses the user's email addresses
425             * @param  phones the user's phone numbers
426             * @param  websites the user's websites
427             * @param  announcementsDelivers the announcements deliveries
428             * @param  sendEmail whether to send the user an email notification about
429             *         their new account
430             * @param  serviceContext the user's service context (optionally
431             *         <code>null</code>). Can set the universally unique identifier
432             *         (with the <code>uuid</code> attribute), asset category IDs, asset
433             *         tag names, and expando bridge attributes for the user.
434             * @return the new user
435             * @throws PortalException if the user's information was invalid, if the
436             *         creator did not have permission to add users, if the email
437             *         address was reserved, or some other portal exception occurred
438             * @throws SystemException if a system exception occurred
439             */
440            public User addUserWithWorkflow(
441                            long companyId, boolean autoPassword, String password1,
442                            String password2, boolean autoScreenName, String screenName,
443                            String emailAddress, long facebookId, String openId, Locale locale,
444                            String firstName, String middleName, String lastName, int prefixId,
445                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
446                            int birthdayYear, String jobTitle, long[] groupIds,
447                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
448                            List<Address> addresses, List<EmailAddress> emailAddresses,
449                            List<Phone> phones, List<Website> websites,
450                            List<AnnouncementsDelivery> announcementsDelivers,
451                            boolean sendEmail, ServiceContext serviceContext)
452                    throws PortalException, SystemException {
453    
454                    boolean indexingEnabled = serviceContext.isIndexingEnabled();
455    
456                    serviceContext.setIndexingEnabled(false);
457    
458                    try {
459                            User user = addUserWithWorkflow(
460                                    companyId, autoPassword, password1, password2, autoScreenName,
461                                    screenName, emailAddress, facebookId, openId, locale, firstName,
462                                    middleName, lastName, prefixId, suffixId, male, birthdayMonth,
463                                    birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
464                                    roleIds, userGroupIds, sendEmail, serviceContext);
465    
466                            UsersAdminUtil.updateAddresses(
467                                    Contact.class.getName(), user.getContactId(), addresses);
468    
469                            UsersAdminUtil.updateEmailAddresses(
470                                    Contact.class.getName(), user.getContactId(), emailAddresses);
471    
472                            UsersAdminUtil.updatePhones(
473                                    Contact.class.getName(), user.getContactId(), phones);
474    
475                            UsersAdminUtil.updateWebsites(
476                                    Contact.class.getName(), user.getContactId(), websites);
477    
478                            updateAnnouncementsDeliveries(
479                                    user.getUserId(), announcementsDelivers);
480    
481                            if (indexingEnabled) {
482                                    Indexer indexer = IndexerRegistryUtil.getIndexer(User.class);
483    
484                                    indexer.reindex(user);
485                            }
486    
487                            return user;
488                    }
489                    finally {
490                            serviceContext.setIndexingEnabled(indexingEnabled);
491                    }
492            }
493    
494            /**
495             * Adds a user with workflow.
496             *
497             * <p>
498             * This method handles the creation and bookkeeping of the user including
499             * its resources, metadata, and internal data structures. It is not
500             * necessary to make subsequent calls to any methods to setup default
501             * groups, resources, etc.
502             * </p>
503             *
504             * @param  companyId the primary key of the user's company
505             * @param  autoPassword whether a password should be automatically generated
506             *         for the user
507             * @param  password1 the user's password
508             * @param  password2 the user's password confirmation
509             * @param  autoScreenName whether a screen name should be automatically
510             *         generated for the user
511             * @param  screenName the user's screen name
512             * @param  emailAddress the user's email address
513             * @param  facebookId the user's facebook ID
514             * @param  openId the user's OpenID
515             * @param  locale the user's locale
516             * @param  firstName the user's first name
517             * @param  middleName the user's middle name
518             * @param  lastName the user's last name
519             * @param  prefixId the user's name prefix ID
520             * @param  suffixId the user's name suffix ID
521             * @param  male whether the user is male
522             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
523             *         January)
524             * @param  birthdayDay the user's birthday day
525             * @param  birthdayYear the user's birthday year
526             * @param  jobTitle the user's job title
527             * @param  groupIds the primary keys of the user's groups
528             * @param  organizationIds the primary keys of the user's organizations
529             * @param  roleIds the primary keys of the roles this user possesses
530             * @param  userGroupIds the primary keys of the user's user groups
531             * @param  sendEmail whether to send the user an email notification about
532             *         their new account
533             * @param  serviceContext the user's service context (optionally
534             *         <code>null</code>). Can set the universally unique identifier
535             *         (with the <code>uuid</code> attribute), asset category IDs, asset
536             *         tag names, and expando bridge attributes for the user.
537             * @return the new user
538             * @throws PortalException if the user's information was invalid, if the
539             *         creator did not have permission to add users, or if the email
540             *         address was reserved
541             * @throws SystemException if a system exception occurred
542             */
543            public User addUserWithWorkflow(
544                            long companyId, boolean autoPassword, String password1,
545                            String password2, boolean autoScreenName, String screenName,
546                            String emailAddress, long facebookId, String openId, Locale locale,
547                            String firstName, String middleName, String lastName, int prefixId,
548                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
549                            int birthdayYear, String jobTitle, long[] groupIds,
550                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
551                            boolean sendEmail, ServiceContext serviceContext)
552                    throws PortalException, SystemException {
553    
554                    long creatorUserId = 0;
555    
556                    try {
557                            creatorUserId = getUserId();
558                    }
559                    catch (PrincipalException pe) {
560                    }
561    
562                    checkAddUserPermission(
563                            creatorUserId, companyId, emailAddress, organizationIds,
564                            serviceContext);
565    
566                    return userLocalService.addUserWithWorkflow(
567                            creatorUserId, companyId, autoPassword, password1, password2,
568                            autoScreenName, screenName, emailAddress, facebookId, openId,
569                            locale, firstName, middleName, lastName, prefixId, suffixId, male,
570                            birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
571                            organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
572            }
573    
574            /**
575             * Deletes the user's portrait image.
576             *
577             * @param  userId the primary key of the user
578             * @throws PortalException if a user with the primary key could not be
579             *         found, if the user's portrait could not be found, or if the
580             *         current user did not have permission to update the user
581             * @throws SystemException if a system exception occurred
582             */
583            public void deletePortrait(long userId)
584                    throws PortalException, SystemException {
585    
586                    UserPermissionUtil.check(
587                            getPermissionChecker(), userId, ActionKeys.UPDATE);
588    
589                    userLocalService.deletePortrait(userId);
590            }
591    
592            /**
593             * Removes the user from the role.
594             *
595             * @param  roleId the primary key of the role
596             * @param  userId the primary key of the user
597             * @throws PortalException if a role or user with the primary key could not
598             *         be found, or if the current user did not have permission to
599             *         assign role members
600             * @throws SystemException if a system exception occurred
601             */
602            public void deleteRoleUser(long roleId, long userId)
603                    throws PortalException, SystemException {
604    
605                    RolePermissionUtil.check(
606                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
607    
608                    userLocalService.deleteRoleUser(roleId, userId);
609            }
610    
611            /**
612             * Deletes the user.
613             *
614             * @param  userId the primary key of the user
615             * @throws PortalException if a user with the primary key could not be found
616             *         or if the current user did not have permission to delete the user
617             * @throws SystemException if a system exception occurred
618             */
619            public void deleteUser(long userId)
620                    throws PortalException, SystemException {
621    
622                    if (getUserId() == userId) {
623                            throw new RequiredUserException();
624                    }
625    
626                    UserPermissionUtil.check(
627                            getPermissionChecker(), userId, ActionKeys.DELETE);
628    
629                    userLocalService.deleteUser(userId);
630            }
631    
632            /**
633             * Returns the primary key of the default user for the company.
634             *
635             * @param  companyId the primary key of the company
636             * @return the primary key of the default user for the company
637             * @throws PortalException if a default user for the company could not be
638             *         found
639             * @throws SystemException if a system exception occurred
640             */
641            public long getDefaultUserId(long companyId)
642                    throws PortalException, SystemException {
643    
644                    return userLocalService.getDefaultUserId(companyId);
645            }
646    
647            /**
648             * Returns the primary keys of all the users belonging to the group.
649             *
650             * @param  groupId the primary key of the group
651             * @return the primary keys of the users belonging to the group
652             * @throws PortalException if the current user did not have permission to
653             *         view group assignments
654             * @throws SystemException if a system exception occurred
655             */
656            public long[] getGroupUserIds(long groupId)
657                    throws PortalException, SystemException {
658    
659                    GroupPermissionUtil.check(
660                            getPermissionChecker(), groupId, ActionKeys.VIEW_MEMBERS);
661    
662                    return userLocalService.getGroupUserIds(groupId);
663            }
664    
665            /**
666             * Returns the primary keys of all the users belonging to the organization.
667             *
668             * @param  organizationId the primary key of the organization
669             * @return the primary keys of the users belonging to the organization
670             * @throws PortalException if the current user did not have permission to
671             *         view organization assignments
672             * @throws SystemException if a system exception occurred
673             */
674            public long[] getOrganizationUserIds(long organizationId)
675                    throws PortalException, SystemException {
676    
677                    OrganizationPermissionUtil.check(
678                            getPermissionChecker(), organizationId, ActionKeys.VIEW_MEMBERS);
679    
680                    return userLocalService.getOrganizationUserIds(organizationId);
681            }
682    
683            /**
684             * Returns the primary keys of all the users belonging to the role.
685             *
686             * @param  roleId the primary key of the role
687             * @return the primary keys of the users belonging to the role
688             * @throws PortalException if the current user did not have permission to
689             *         view role members
690             * @throws SystemException if a system exception occurred
691             */
692            public long[] getRoleUserIds(long roleId) throws
693                    PortalException, SystemException {
694    
695                    RolePermissionUtil.check(
696                            getPermissionChecker(), roleId, ActionKeys.VIEW);
697    
698                    return userLocalService.getRoleUserIds(roleId);
699            }
700    
701            /**
702             * Returns the user with the email address.
703             *
704             * @param  companyId the primary key of the user's company
705             * @param  emailAddress the user's email address
706             * @return the user with the email address
707             * @throws PortalException if a user with the email address could not be
708             *         found or if the current user did not have permission to view the
709             *         user
710             * @throws SystemException if a system exception occurred
711             */
712            public User getUserByEmailAddress(long companyId, String emailAddress)
713                    throws PortalException, SystemException {
714    
715                    User user = userLocalService.getUserByEmailAddress(
716                            companyId, emailAddress);
717    
718                    UserPermissionUtil.check(
719                            getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
720    
721                    return user;
722            }
723    
724            /**
725             * Returns the user with the primary key.
726             *
727             * @param  userId the primary key of the user
728             * @return the user with the primary key
729             * @throws PortalException if a user with the primary key could not be found
730             *         or if the current user did not have permission to view the user
731             * @throws SystemException if a system exception occurred
732             */
733            public User getUserById(long userId)
734                    throws PortalException, SystemException {
735    
736                    User user = userPersistence.findByPrimaryKey(userId);
737    
738                    UserPermissionUtil.check(
739                            getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
740    
741                    return user;
742            }
743    
744            /**
745             * Returns the user with the screen name.
746             *
747             * @param  companyId the primary key of the user's company
748             * @param  screenName the user's screen name
749             * @return the user with the screen name
750             * @throws PortalException if a user with the screen name could not be found
751             *         or if the current user did not have permission to veiw the user
752             * @throws SystemException if a system exception occurred
753             */
754            public User getUserByScreenName(long companyId, String screenName)
755                    throws PortalException, SystemException {
756    
757                    User user = userLocalService.getUserByScreenName(companyId, screenName);
758    
759                    UserPermissionUtil.check(
760                            getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
761    
762                    return user;
763            }
764    
765            /**
766             * Returns the primary key of the user with the email address.
767             *
768             * @param  companyId the primary key of the user's company
769             * @param  emailAddress the user's email address
770             * @return the primary key of the user with the email address
771             * @throws PortalException if a user with the email address could not be
772             *         found
773             * @throws SystemException if a system exception occurred
774             */
775            public long getUserIdByEmailAddress(long companyId, String emailAddress)
776                    throws PortalException, SystemException {
777    
778                    User user = getUserByEmailAddress(companyId, emailAddress);
779    
780                    return user.getUserId();
781            }
782    
783            /**
784             * Returns the primary key of the user with the screen name.
785             *
786             * @param  companyId the primary key of the user's company
787             * @param  screenName the user's screen name
788             * @return the primary key of the user with the screen name
789             * @throws PortalException if a user with the screen name could not be found
790             * @throws SystemException if a system exception occurred
791             */
792            public long getUserIdByScreenName(long companyId, String screenName)
793                    throws PortalException, SystemException {
794    
795                    User user = getUserByScreenName(companyId, screenName);
796    
797                    return user.getUserId();
798            }
799    
800            /**
801             * Returns <code>true</code> if the user is a member of the group.
802             *
803             * @param  groupId the primary key of the group
804             * @param  userId the primary key of the user
805             * @return <code>true</code> if the user is a member of the group;
806             *         <code>false</code> otherwise
807             * @throws SystemException if a system exception occurred
808             */
809            public boolean hasGroupUser(long groupId, long userId)
810                    throws SystemException {
811    
812                    return userLocalService.hasGroupUser(groupId, userId);
813            }
814    
815            /**
816             * Returns <code>true</code> if the user is a member of the role.
817             *
818             * @param  roleId the primary key of the role
819             * @param  userId the primary key of the user
820             * @return <code>true</code> if the user is a member of the role;
821             *         <code>false</code> otherwise
822             * @throws SystemException if a system exception occurred
823             */
824            public boolean hasRoleUser(long roleId, long userId)
825                    throws SystemException {
826    
827                    return userLocalService.hasRoleUser(roleId, userId);
828            }
829    
830            /**
831             * Returns <code>true</code> if the user has the role with the name,
832             * optionally through inheritance.
833             *
834             * @param  companyId the primary key of the role's company
835             * @param  name the name of the role (must be a regular role, not an
836             *         organization, site or provider role)
837             * @param  userId the primary key of the user
838             * @param  inherited whether to include roles inherited from organizations,
839             *         sites, etc.
840             * @return <code>true</code> if the user has the role; <code>false</code>
841             *         otherwise
842             * @throws PortalException if a role with the name could not be found
843             * @throws SystemException if a system exception occurred
844             */
845            public boolean hasRoleUser(
846                            long companyId, String name, long userId, boolean inherited)
847                    throws PortalException, SystemException {
848    
849                    return userLocalService.hasRoleUser(companyId, name, userId, inherited);
850            }
851    
852            /**
853             * Sets the users in the role, removing and adding users to the role as
854             * necessary.
855             *
856             * @param  roleId the primary key of the role
857             * @param  userIds the primary keys of the users
858             * @throws PortalException if the current user did not have permission to
859             *         assign role members
860             * @throws SystemException if a system exception occurred
861             */
862            public void setRoleUsers(long roleId, long[] userIds)
863                    throws PortalException, SystemException {
864    
865                    RolePermissionUtil.check(
866                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
867    
868                    userLocalService.setRoleUsers(roleId, userIds);
869            }
870    
871            /**
872             * Sets the users in the user group, removing and adding users to the user
873             * group as necessary.
874             *
875             * @param  userGroupId the primary key of the user group
876             * @param  userIds the primary keys of the users
877             * @throws PortalException if the current user did not have permission to
878             *         assign group members
879             * @throws SystemException if a system exception occurred
880             */
881            public void setUserGroupUsers(long userGroupId, long[] userIds)
882                    throws PortalException, SystemException {
883    
884                    UserGroupPermissionUtil.check(
885                            getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
886    
887                    userLocalService.setUserGroupUsers(userGroupId, userIds);
888            }
889    
890            /**
891             * Removes the users from the group.
892             *
893             * @param  groupId the primary key of the group
894             * @param  userIds the primary keys of the users
895             * @throws PortalException if the current user did not have permission to
896             *         modify group assignments
897             * @throws SystemException if a system exception occurred
898             */
899            public void unsetGroupUsers(
900                            long groupId, long[] userIds, ServiceContext serviceContext)
901                    throws PortalException, SystemException {
902    
903                    try {
904                            GroupPermissionUtil.check(
905                                    getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
906                    }
907                    catch (PrincipalException pe) {
908    
909                            // Allow any user to leave open and restricted sites
910    
911                            boolean hasPermission = false;
912    
913                            if (userIds.length == 0) {
914                                    hasPermission = true;
915                            }
916                            else if (userIds.length == 1) {
917                                    User user = getUser();
918    
919                                    if (user.getUserId() == userIds[0]) {
920                                            Group group = groupPersistence.findByPrimaryKey(groupId);
921    
922                                            if (user.getCompanyId() == group.getCompanyId()) {
923                                                    int type = group.getType();
924    
925                                                    if ((type == GroupConstants.TYPE_SITE_OPEN) ||
926                                                            (type == GroupConstants.TYPE_SITE_RESTRICTED)) {
927    
928                                                            hasPermission = true;
929                                                    }
930                                            }
931                                    }
932                            }
933    
934                            if (!hasPermission) {
935                                    throw new PrincipalException();
936                            }
937                    }
938    
939                    userLocalService.unsetGroupUsers(groupId, userIds, serviceContext);
940            }
941    
942            /**
943             * Removes the users from the organization.
944             *
945             * @param  organizationId the primary key of the organization
946             * @param  userIds the primary keys of the users
947             * @throws PortalException if the current user did not have permission to
948             *         modify organization assignments
949             * @throws SystemException if a system exception occurred
950             */
951            public void unsetOrganizationUsers(long organizationId, long[] userIds)
952                    throws PortalException, SystemException {
953    
954                    OrganizationPermissionUtil.check(
955                            getPermissionChecker(), organizationId,
956                            ActionKeys.ASSIGN_MEMBERS);
957    
958                    userLocalService.unsetOrganizationUsers(organizationId, userIds);
959            }
960    
961            /**
962             * Removes the users from the password policy.
963             *
964             * @param  passwordPolicyId the primary key of the password policy
965             * @param  userIds the primary keys of the users
966             * @throws PortalException if the current user did not have permission to
967             *         modify policy assignments
968             * @throws SystemException if a system exception occurred
969             */
970            public void unsetPasswordPolicyUsers(long passwordPolicyId, long[] userIds)
971                    throws PortalException, SystemException {
972    
973                    PasswordPolicyPermissionUtil.check(
974                            getPermissionChecker(), passwordPolicyId,
975                            ActionKeys.ASSIGN_MEMBERS);
976    
977                    userLocalService.unsetPasswordPolicyUsers(passwordPolicyId, userIds);
978            }
979    
980            /**
981             * Removes the users from the role.
982             *
983             * @param  roleId the primary key of the role
984             * @param  userIds the primary keys of the users
985             * @throws PortalException if the current user did not have permission to
986             *         modify role assignments
987             * @throws SystemException if a system exception occurred
988             */
989            public void unsetRoleUsers(long roleId, long[] userIds)
990                    throws PortalException, SystemException {
991    
992                    RolePermissionUtil.check(
993                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
994    
995                    userLocalService.unsetRoleUsers(roleId, userIds);
996            }
997    
998            /**
999             * Removes the users from the team.
1000             *
1001             * @param  teamId the primary key of the team
1002             * @param  userIds the primary keys of the users
1003             * @throws PortalException if the current user did not have permission to
1004             *         modify team assignments
1005             * @throws SystemException if a system exception occurred
1006             */
1007            public void unsetTeamUsers(long teamId, long[] userIds)
1008                    throws PortalException, SystemException {
1009    
1010                    TeamPermissionUtil.check(
1011                            getPermissionChecker(), teamId, ActionKeys.ASSIGN_MEMBERS);
1012    
1013                    userLocalService.unsetTeamUsers(teamId, userIds);
1014            }
1015    
1016            /**
1017             * Removes the users from the user group.
1018             *
1019             * @param  userGroupId the primary key of the user group
1020             * @param  userIds the primary keys of the users
1021             * @throws PortalException if the current user did not have permission to
1022             *         modify user group assignments
1023             * @throws SystemException if a system exception occurred
1024             */
1025            public void unsetUserGroupUsers(long userGroupId, long[] userIds)
1026                    throws PortalException, SystemException {
1027    
1028                    UserGroupPermissionUtil.check(
1029                            getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
1030    
1031                    userLocalService.unsetUserGroupUsers(userGroupId, userIds);
1032            }
1033    
1034            /**
1035             * Updates the user's response to the terms of use agreement.
1036             *
1037             * @param  userId the primary key of the user
1038             * @param  agreedToTermsOfUse whether the user has agree to the terms of use
1039             * @return the user
1040             * @throws PortalException if the current user did not have permission to
1041             *         update the user's agreement to terms-of-use
1042             * @throws SystemException if a system exception occurred
1043             */
1044            public User updateAgreedToTermsOfUse(
1045                            long userId, boolean agreedToTermsOfUse)
1046                    throws PortalException, SystemException {
1047    
1048                    UserPermissionUtil.check(
1049                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1050    
1051                    return userLocalService.updateAgreedToTermsOfUse(
1052                            userId, agreedToTermsOfUse);
1053            }
1054    
1055            /**
1056             * Updates the user's email address.
1057             *
1058             * @param  userId the primary key of the user
1059             * @param  password the user's password
1060             * @param  emailAddress1 the user's new email address
1061             * @param  emailAddress2 the user's new email address confirmation
1062             * @return the user
1063             * @throws PortalException if a user with the primary key could not be found
1064             *         or if the current user did not have permission to update the user
1065             * @throws SystemException if a system exception occurred
1066             */
1067            public User updateEmailAddress(
1068                            long userId, String password, String emailAddress1,
1069                            String emailAddress2, ServiceContext serviceContext)
1070                    throws PortalException, SystemException {
1071    
1072                    UserPermissionUtil.check(
1073                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1074    
1075                    return userLocalService.updateEmailAddress(
1076                            userId, password, emailAddress1, emailAddress2, serviceContext);
1077            }
1078    
1079            /**
1080             * Updates a user account that was automatically created when a guest user
1081             * participated in an action (e.g. posting a comment) and only provided his
1082             * name and email address.
1083             *
1084             * @param  companyId the primary key of the user's company
1085             * @param  autoPassword whether a password should be automatically generated
1086             *         for the user
1087             * @param  password1 the user's password
1088             * @param  password2 the user's password confirmation
1089             * @param  autoScreenName whether a screen name should be automatically
1090             *         generated for the user
1091             * @param  screenName the user's screen name
1092             * @param  emailAddress the user's email address
1093             * @param  facebookId the user's facebook ID
1094             * @param  openId the user's OpenID
1095             * @param  locale the user's locale
1096             * @param  firstName the user's first name
1097             * @param  middleName the user's middle name
1098             * @param  lastName the user's last name
1099             * @param  prefixId the user's name prefix ID
1100             * @param  suffixId the user's name suffix ID
1101             * @param  male whether the user is male
1102             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
1103             *         January)
1104             * @param  birthdayDay the user's birthday day
1105             * @param  birthdayYear the user's birthday year
1106             * @param  jobTitle the user's job title
1107             * @param  updateUserInformation whether to update the user's information
1108             * @param  sendEmail whether to send the user an email notification about
1109             *         their new account
1110             * @param  serviceContext the user's service context (optionally
1111             *         <code>null</code>). Can set the expando bridge attributes for the
1112             *         user.
1113             * @return the user
1114             * @throws PortalException if the user's information was invalid or if the
1115             *         email address was reserved
1116             * @throws SystemException if a system exception occurred
1117             */
1118            public User updateIncompleteUser(
1119                            long companyId, boolean autoPassword, String password1,
1120                            String password2, boolean autoScreenName, String screenName,
1121                            String emailAddress, long facebookId, String openId, Locale locale,
1122                            String firstName, String middleName, String lastName, int prefixId,
1123                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
1124                            int birthdayYear, String jobTitle, boolean updateUserInformation,
1125                            boolean sendEmail, ServiceContext serviceContext)
1126                    throws PortalException, SystemException {
1127    
1128                    long creatorUserId = 0;
1129    
1130                    try {
1131                            creatorUserId = getUserId();
1132                    }
1133                    catch (PrincipalException pe) {
1134                    }
1135    
1136                    checkAddUserPermission(
1137                            creatorUserId, companyId, emailAddress, null, serviceContext);
1138    
1139                    return userLocalService.updateIncompleteUser(
1140                            creatorUserId, companyId, autoPassword, password1, password2,
1141                            autoScreenName, screenName, emailAddress, facebookId, openId,
1142                            locale, firstName, middleName, lastName, prefixId, suffixId, male,
1143                            birthdayMonth, birthdayDay, birthdayYear, jobTitle,
1144                            updateUserInformation, sendEmail, serviceContext);
1145            }
1146    
1147            /**
1148             * Updates whether the user is locked out from logging in.
1149             *
1150             * @param  userId the primary key of the user
1151             * @param  lockout whether the user is locked out
1152             * @return the user
1153             * @throws PortalException if the user did not have permission to lock out
1154             *         the user
1155             * @throws SystemException if a system exception occurred
1156             */
1157            public User updateLockoutById(long userId, boolean lockout)
1158                    throws PortalException, SystemException {
1159    
1160                    UserPermissionUtil.check(
1161                            getPermissionChecker(), userId, ActionKeys.DELETE);
1162    
1163                    return userLocalService.updateLockoutById(userId, lockout);
1164            }
1165    
1166            /**
1167             * Updates the user's OpenID.
1168             *
1169             * @param  userId the primary key of the user
1170             * @param  openId the new OpenID
1171             * @return the user
1172             * @throws PortalException if a user with the primary key could not be found
1173             *         or if the current user did not have permission to update the user
1174             * @throws SystemException if a system exception occurred
1175             */
1176            public User updateOpenId(long userId, String openId)
1177                    throws PortalException, SystemException {
1178    
1179                    UserPermissionUtil.check(
1180                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1181    
1182                    return userLocalService.updateOpenId(userId, openId);
1183            }
1184    
1185            /**
1186             * Sets the organizations that the user is in, removing and adding
1187             * organizations as necessary.
1188             *
1189             * @param  userId the primary key of the user
1190             * @param  organizationIds the primary keys of the organizations
1191             * @throws PortalException if a user with the primary key could not be found
1192             *         or if the current user did not have permission to update the user
1193             * @throws SystemException if a system exception occurred
1194             */
1195            public void updateOrganizations(
1196                            long userId, long[] organizationIds, ServiceContext serviceContext)
1197                    throws PortalException, SystemException {
1198    
1199                    UserPermissionUtil.check(
1200                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1201    
1202                    userLocalService.updateOrganizations(
1203                            userId, organizationIds, serviceContext);
1204            }
1205    
1206            /**
1207             * Updates the user's password without tracking or validation of the change.
1208             *
1209             * @param  userId the primary key of the user
1210             * @param  password1 the user's new password
1211             * @param  password2 the user's new password confirmation
1212             * @param  passwordReset whether the user should be asked to reset their
1213             *         password the next time they log in
1214             * @return the user
1215             * @throws PortalException if a user with the primary key could not be found
1216             *         or if the current user did not have permission to update the user
1217             * @throws SystemException if a system exception occurred
1218             */
1219            public User updatePassword(
1220                            long userId, String password1, String password2,
1221                            boolean passwordReset)
1222                    throws PortalException, SystemException {
1223    
1224                    UserPermissionUtil.check(
1225                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1226    
1227                    return userLocalService.updatePassword(
1228                            userId, password1, password2, passwordReset);
1229            }
1230    
1231            /**
1232             * Updates the user's portrait image.
1233             *
1234             * @param  userId the primary key of the user
1235             * @param  bytes the new portrait image data
1236             * @return the user
1237             * @throws PortalException if a user with the primary key could not be
1238             *         found, if the new portrait was invalid, or if the current user
1239             *         did not have permission to update the user
1240             * @throws SystemException if a system exception occurred
1241             */
1242            public User updatePortrait(long userId, byte[] bytes)
1243                    throws PortalException, SystemException {
1244    
1245                    UserPermissionUtil.check(
1246                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1247    
1248                    return userLocalService.updatePortrait(userId, bytes);
1249            }
1250    
1251            /**
1252             * Updates the user's password reset question and answer.
1253             *
1254             * @param  userId the primary key of the user
1255             * @param  question the user's new password reset question
1256             * @param  answer the user's new password reset answer
1257             * @return the user
1258             * @throws PortalException if a user with the primary key could not be
1259             *         found, if the new question or answer were invalid, or if the
1260             *         current user did not have permission to update the user
1261             * @throws SystemException if a system exception occurred
1262             */
1263            public User updateReminderQuery(long userId, String question, String answer)
1264                    throws PortalException, SystemException {
1265    
1266                    UserPermissionUtil.check(
1267                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1268    
1269                    return userLocalService.updateReminderQuery(userId, question, answer);
1270            }
1271    
1272            /**
1273             * Updates the user's screen name.
1274             *
1275             * @param  userId the primary key of the user
1276             * @param  screenName the user's new screen name
1277             * @return the user
1278             * @throws PortalException if a user with the primary key could not be
1279             *         found, if the new screen name was invalid, or if the current user
1280             *         did not have permission to update the user
1281             * @throws SystemException if a system exception occurred
1282             */
1283            public User updateScreenName(long userId, String screenName)
1284                    throws PortalException, SystemException {
1285    
1286                    UserPermissionUtil.check(
1287                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1288    
1289                    return userLocalService.updateScreenName(userId, screenName);
1290            }
1291    
1292            /**
1293             * Updates the user's workflow status.
1294             *
1295             * @param  userId the primary key of the user
1296             * @param  status the user's new workflow status
1297             * @return the user
1298             * @throws PortalException if a user with the primary key could not be
1299             *         found, if the current user was updating her own status to
1300             *         anything but {@link WorkflowConstants.STATUS_APPROVED}, or if the
1301             *         current user did not have permission to update the user's
1302             *         workflow status.
1303             * @throws SystemException if a system exception occurred
1304             */
1305            public User updateStatus(long userId, int status)
1306                    throws PortalException, SystemException {
1307    
1308                    if ((getUserId() == userId) &&
1309                            (status != WorkflowConstants.STATUS_APPROVED)) {
1310    
1311                            throw new RequiredUserException();
1312                    }
1313    
1314                    UserPermissionUtil.check(
1315                            getPermissionChecker(), userId, ActionKeys.DELETE);
1316    
1317                    return userLocalService.updateStatus(userId, status);
1318            }
1319    
1320            /**
1321             * Updates the user with additional parameters.
1322             *
1323             * @param  userId the primary key of the user
1324             * @param  oldPassword the user's old password
1325             * @param  newPassword1 the user's new password (optionally
1326             *         <code>null</code>)
1327             * @param  newPassword2 the user's new password confirmation (optionally
1328             *         <code>null</code>)
1329             * @param  passwordReset whether the user should be asked to reset their
1330             *         password the next time they login
1331             * @param  reminderQueryQuestion the user's new password reset question
1332             * @param  reminderQueryAnswer the user's new password reset answer
1333             * @param  screenName the user's new screen name
1334             * @param  emailAddress the user's new email address
1335             * @param  facebookId the user's new Facebook ID
1336             * @param  openId the user's new OpenID
1337             * @param  languageId the user's new language ID
1338             * @param  timeZoneId the user's new time zone ID
1339             * @param  greeting the user's new greeting
1340             * @param  comments the user's new comments
1341             * @param  firstName the user's new first name
1342             * @param  middleName the user's new middle name
1343             * @param  lastName the user's new last name
1344             * @param  prefixId the user's new name prefix ID
1345             * @param  suffixId the user's new name suffix ID
1346             * @param  male whether user is male
1347             * @param  birthdayMonth the user's new birthday month (0-based, meaning 0
1348             *         for January)
1349             * @param  birthdayDay the user's new birthday day
1350             * @param  birthdayYear the user's birthday year
1351             * @param  smsSn the user's new SMS screen name
1352             * @param  aimSn the user's new AIM screen name
1353             * @param  facebookSn the user's new Facebook screen name
1354             * @param  icqSn the user's new ICQ screen name
1355             * @param  jabberSn the user's new Jabber screen name
1356             * @param  msnSn the user's new MSN screen name
1357             * @param  mySpaceSn the user's new MySpace screen name
1358             * @param  skypeSn the user's new Skype screen name
1359             * @param  twitterSn the user's new Twitter screen name
1360             * @param  ymSn the user's new Yahoo! Messenger screen name
1361             * @param  jobTitle the user's new job title
1362             * @param  groupIds the primary keys of the user's groups
1363             * @param  organizationIds the primary keys of the user's organizations
1364             * @param  roleIds the primary keys of the user's roles
1365             * @param  userGroupRoles the user user's group roles
1366             * @param  userGroupIds the primary keys of the user's user groups
1367             * @param  addresses the user's addresses
1368             * @param  emailAddresses the user's email addresses
1369             * @param  phones the user's phone numbers
1370             * @param  websites the user's websites
1371             * @param  announcementsDelivers the announcements deliveries
1372             * @param  serviceContext the user's service context (optionally
1373             *         <code>null</code>). Can set the universally unique identifier
1374             *         (with the <code>uuid</code> attribute), asset category IDs, asset
1375             *         tag names, and expando bridge attributes for the user.
1376             * @return the user
1377             * @throws PortalException if a user with the primary key could not be
1378             *         found, if the new information was invalid, or if the current user
1379             *         did not have permission to update the user
1380             * @throws SystemException if a system exception occurred
1381             */
1382            public User updateUser(
1383                            long userId, String oldPassword, String newPassword1,
1384                            String newPassword2, boolean passwordReset,
1385                            String reminderQueryQuestion, String reminderQueryAnswer,
1386                            String screenName, String emailAddress, long facebookId,
1387                            String openId, String languageId, String timeZoneId,
1388                            String greeting, String comments, String firstName,
1389                            String middleName, String lastName, int prefixId, int suffixId,
1390                            boolean male, int birthdayMonth, int birthdayDay, int birthdayYear,
1391                            String smsSn, String aimSn, String facebookSn, String icqSn,
1392                            String jabberSn, String msnSn, String mySpaceSn, String skypeSn,
1393                            String twitterSn, String ymSn, String jobTitle, long[] groupIds,
1394                            long[] organizationIds, long[] roleIds,
1395                            List<UserGroupRole> userGroupRoles, long[] userGroupIds,
1396                            List<Address> addresses, List<EmailAddress> emailAddresses,
1397                            List<Phone> phones, List<Website> websites,
1398                            List<AnnouncementsDelivery> announcementsDelivers,
1399                            ServiceContext serviceContext)
1400                    throws PortalException, SystemException {
1401    
1402                    User user = userPersistence.findByPrimaryKey(userId);
1403    
1404                    UsersAdminUtil.updateAddresses(
1405                            Contact.class.getName(), user.getContactId(), addresses);
1406    
1407                    UsersAdminUtil.updateEmailAddresses(
1408                            Contact.class.getName(), user.getContactId(), emailAddresses);
1409    
1410                    UsersAdminUtil.updatePhones(
1411                            Contact.class.getName(), user.getContactId(), phones);
1412    
1413                    UsersAdminUtil.updateWebsites(
1414                            Contact.class.getName(), user.getContactId(), websites);
1415    
1416                    updateAnnouncementsDeliveries(user.getUserId(), announcementsDelivers);
1417    
1418                    user = updateUser(
1419                            userId, oldPassword, newPassword1, newPassword2, passwordReset,
1420                            reminderQueryQuestion, reminderQueryAnswer, screenName,
1421                            emailAddress, facebookId, openId, languageId, timeZoneId, greeting,
1422                            comments, firstName, middleName, lastName, prefixId, suffixId, male,
1423                            birthdayMonth, birthdayDay, birthdayYear, smsSn, aimSn, facebookSn,
1424                            icqSn, jabberSn, msnSn, mySpaceSn, skypeSn, twitterSn, ymSn,
1425                            jobTitle, groupIds, organizationIds, roleIds,
1426                            userGroupRoles, userGroupIds, serviceContext);
1427    
1428                    return user;
1429            }
1430    
1431            /**
1432             * Updates the user.
1433             *
1434             * @param  userId the primary key of the user
1435             * @param  oldPassword the user's old password
1436             * @param  newPassword1 the user's new password (optionally
1437             *         <code>null</code>)
1438             * @param  newPassword2 the user's new password confirmation (optionally
1439             *         <code>null</code>)
1440             * @param  passwordReset whether the user should be asked to reset their
1441             *         password the next time they login
1442             * @param  reminderQueryQuestion the user's new password reset question
1443             * @param  reminderQueryAnswer the user's new password reset answer
1444             * @param  screenName the user's new screen name
1445             * @param  emailAddress the user's new email address
1446             * @param  facebookId the user's new Facebook ID
1447             * @param  openId the user's new OpenID
1448             * @param  languageId the user's new language ID
1449             * @param  timeZoneId the user's new time zone ID
1450             * @param  greeting the user's new greeting
1451             * @param  comments the user's new comments
1452             * @param  firstName the user's new first name
1453             * @param  middleName the user's new middle name
1454             * @param  lastName the user's new last name
1455             * @param  prefixId the user's new name prefix ID
1456             * @param  suffixId the user's new name suffix ID
1457             * @param  male whether user is male
1458             * @param  birthdayMonth the user's new birthday month (0-based, meaning 0
1459             *         for January)
1460             * @param  birthdayDay the user's new birthday day
1461             * @param  birthdayYear the user's birthday year
1462             * @param  smsSn the user's new SMS screen name
1463             * @param  aimSn the user's new AIM screen name
1464             * @param  facebookSn the user's new Facebook screen name
1465             * @param  icqSn the user's new ICQ screen name
1466             * @param  jabberSn the user's new Jabber screen name
1467             * @param  msnSn the user's new MSN screen name
1468             * @param  mySpaceSn the user's new MySpace screen name
1469             * @param  skypeSn the user's new Skype screen name
1470             * @param  twitterSn the user's new Twitter screen name
1471             * @param  ymSn the user's new Yahoo! Messenger screen name
1472             * @param  jobTitle the user's new job title
1473             * @param  groupIds the primary keys of the user's groups
1474             * @param  organizationIds the primary keys of the user's organizations
1475             * @param  roleIds the primary keys of the user's roles
1476             * @param  userGroupRoles the user user's group roles
1477             * @param  userGroupIds the primary keys of the user's user groups
1478             * @param  serviceContext the user's service context (optionally
1479             *         <code>null</code>). Can set the universally unique identifier
1480             *         (with the <code>uuid</code> attribute), asset category IDs, asset
1481             *         tag names, and expando bridge attributes for the user.
1482             * @return the user
1483             * @throws PortalException if a user with the primary key could not be
1484             *         found, if the new information was invalid, or if the current user
1485             *         did not have permission to update the user
1486             * @throws SystemException if a system exception occurred
1487             */
1488            public User updateUser(
1489                            long userId, String oldPassword, String newPassword1,
1490                            String newPassword2, boolean passwordReset,
1491                            String reminderQueryQuestion, String reminderQueryAnswer,
1492                            String screenName, String emailAddress, long facebookId,
1493                            String openId, String languageId, String timeZoneId,
1494                            String greeting, String comments, String firstName,
1495                            String middleName, String lastName, int prefixId, int suffixId,
1496                            boolean male, int birthdayMonth, int birthdayDay, int birthdayYear,
1497                            String smsSn, String aimSn, String facebookSn, String icqSn,
1498                            String jabberSn, String msnSn, String mySpaceSn, String skypeSn,
1499                            String twitterSn, String ymSn, String jobTitle, long[] groupIds,
1500                            long[] organizationIds, long[] roleIds,
1501                            List<UserGroupRole> userGroupRoles, long[] userGroupIds,
1502                            ServiceContext serviceContext)
1503                    throws PortalException, SystemException {
1504    
1505                    UserPermissionUtil.check(
1506                            getPermissionChecker(), userId, organizationIds, ActionKeys.UPDATE);
1507    
1508                    long curUserId = getUserId();
1509    
1510                    if (curUserId == userId) {
1511                            User user = userPersistence.findByPrimaryKey(userId);
1512    
1513                            screenName = screenName.trim().toLowerCase();
1514    
1515                            if (!screenName.equalsIgnoreCase(user.getScreenName())) {
1516                                    validateScreenName(user, screenName);
1517                            }
1518    
1519                            emailAddress = emailAddress.trim().toLowerCase();
1520    
1521                            if (!emailAddress.equalsIgnoreCase(user.getEmailAddress())) {
1522                                    validateEmailAddress(user, emailAddress);
1523                            }
1524                    }
1525    
1526                    if (groupIds != null) {
1527                            groupIds = checkGroups(userId, groupIds);
1528                    }
1529    
1530                    if (organizationIds != null) {
1531                            organizationIds = checkOrganizations(userId, organizationIds);
1532                    }
1533    
1534                    if (roleIds != null) {
1535                            roleIds = checkRoles(userId, roleIds);
1536                    }
1537    
1538                    if (userGroupRoles != null) {
1539                            userGroupRoles = checkUserGroupRoles(userId, userGroupRoles);
1540                    }
1541    
1542                    return userLocalService.updateUser(
1543                            userId, oldPassword, newPassword1, newPassword2, passwordReset,
1544                            reminderQueryQuestion, reminderQueryAnswer, screenName,
1545                            emailAddress, facebookId, openId, languageId, timeZoneId, greeting,
1546                            comments, firstName, middleName, lastName, prefixId, suffixId, male,
1547                            birthdayMonth, birthdayDay, birthdayYear, smsSn, aimSn, facebookSn,
1548                            icqSn, jabberSn, msnSn, mySpaceSn, skypeSn, twitterSn, ymSn,
1549                            jobTitle, groupIds, organizationIds, roleIds, userGroupRoles,
1550                            userGroupIds, serviceContext);
1551            }
1552    
1553            protected void checkAddUserPermission(
1554                            long creatorUserId, long companyId, String emailAddress,
1555                            long[] organizationIds, ServiceContext serviceContext)
1556                    throws PortalException, SystemException {
1557    
1558                    Company company = companyPersistence.findByPrimaryKey(companyId);
1559    
1560                    boolean anonymousUser = GetterUtil.getBoolean(
1561                            serviceContext.getAttribute("anonymousUser"));
1562    
1563                    if ((creatorUserId != 0) ||
1564                            (!company.isStrangers() && !anonymousUser)) {
1565    
1566                            if (!PortalPermissionUtil.contains(
1567                                            getPermissionChecker(), ActionKeys.ADD_USER) &&
1568                                    !OrganizationPermissionUtil.contains(
1569                                            getPermissionChecker(), organizationIds,
1570                                            ActionKeys.ASSIGN_MEMBERS)) {
1571    
1572                                    throw new PrincipalException();
1573                            }
1574                    }
1575    
1576                    if (creatorUserId == 0) {
1577                            if (!company.isStrangersWithMx() &&
1578                                    company.hasCompanyMx(emailAddress)) {
1579    
1580                                    throw new ReservedUserEmailAddressException();
1581                            }
1582                    }
1583            }
1584    
1585            protected long[] checkGroups(long userId, long[] groupIds)
1586                    throws PortalException, SystemException {
1587    
1588                    // Add back any groups that the administrator does not have the rights
1589                    // to remove and check that he has the permission to add any new group
1590    
1591                    List<Group> oldGroups = groupLocalService.getUserGroups(userId);
1592                    long[] oldGroupIds = new long[oldGroups.size()];
1593    
1594                    for (int i = 0; i < oldGroups.size(); i++) {
1595                            Group group = oldGroups.get(i);
1596    
1597                            if (!ArrayUtil.contains(groupIds, group.getGroupId()) &&
1598                                    !GroupPermissionUtil.contains(
1599                                            getPermissionChecker(), group.getGroupId(),
1600                                            ActionKeys.ASSIGN_MEMBERS)) {
1601    
1602                                    groupIds = ArrayUtil.append(groupIds, group.getGroupId());
1603                            }
1604    
1605                            oldGroupIds[i] = group.getGroupId();
1606                    }
1607    
1608                    for (long groupId : groupIds) {
1609                            if (!ArrayUtil.contains(oldGroupIds, groupId)) {
1610                                    GroupPermissionUtil.check(
1611                                            getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
1612                            }
1613                    }
1614    
1615                    return groupIds;
1616            }
1617    
1618            protected long[] checkOrganizations(long userId, long[] organizationIds)
1619                    throws PortalException, SystemException {
1620    
1621                    // Add back any organizations that the administrator does not have the
1622                    // rights to remove and check that he has the permission to add any new
1623                    // organization
1624    
1625                    List<Organization> oldOrganizations =
1626                            organizationLocalService.getUserOrganizations(userId);
1627                    long[] oldOrganizationIds = new long[oldOrganizations.size()];
1628    
1629                    for (int i = 0; i < oldOrganizations.size(); i++) {
1630                            Organization organization = oldOrganizations.get(i);
1631    
1632                            if (!ArrayUtil.contains(
1633                                            organizationIds, organization.getOrganizationId()) &&
1634                                    !OrganizationPermissionUtil.contains(
1635                                            getPermissionChecker(), organization.getOrganizationId(),
1636                                            ActionKeys.ASSIGN_MEMBERS)) {
1637    
1638                                    organizationIds = ArrayUtil.append(
1639                                            organizationIds, organization.getOrganizationId());
1640                            }
1641    
1642                            oldOrganizationIds[i] = organization.getOrganizationId();
1643                    }
1644    
1645                    for (long organizationId : organizationIds) {
1646                            if (!ArrayUtil.contains(oldOrganizationIds, organizationId)) {
1647                                    OrganizationPermissionUtil.check(
1648                                            getPermissionChecker(), organizationId,
1649                                            ActionKeys.ASSIGN_MEMBERS);
1650                            }
1651                    }
1652    
1653                    return organizationIds;
1654            }
1655    
1656            protected long[] checkRoles(long userId, long[] roleIds)
1657                    throws PrincipalException, SystemException {
1658    
1659                    // Add back any roles that the administrator does not have the rights to
1660                    // remove and check that he has the permission to add any new role
1661    
1662                    List<Role> oldRoles = roleLocalService.getUserRoles(userId);
1663                    long[] oldRoleIds = new long[oldRoles.size()];
1664    
1665                    for (int i = 0; i < oldRoles.size(); i++) {
1666                            Role role = oldRoles.get(i);
1667    
1668                            if (!ArrayUtil.contains(roleIds, role.getRoleId()) &&
1669                                    !RolePermissionUtil.contains(
1670                                            getPermissionChecker(), role.getRoleId(),
1671                                            ActionKeys.ASSIGN_MEMBERS)) {
1672    
1673                                    roleIds = ArrayUtil.append(roleIds, role.getRoleId());
1674                            }
1675    
1676                            oldRoleIds[i] = role.getRoleId();
1677                    }
1678    
1679                    for (long roleId : roleIds) {
1680                            if (!ArrayUtil.contains(oldRoleIds, roleId)) {
1681                                    RolePermissionUtil.check(
1682                                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
1683                            }
1684                    }
1685    
1686                    return roleIds;
1687            }
1688    
1689            protected List<UserGroupRole> checkUserGroupRoles(
1690                            long userId, List<UserGroupRole> userGroupRoles)
1691                    throws PortalException, SystemException {
1692    
1693                    // Add back any group roles that the administrator does not have the
1694                    // rights to remove
1695    
1696                    List<UserGroupRole> oldUserGroupRoles =
1697                            userGroupRoleLocalService.getUserGroupRoles(userId);
1698    
1699                    for (UserGroupRole oldUserGroupRole : oldUserGroupRoles) {
1700                            if (!userGroupRoles.contains(oldUserGroupRole) &&
1701                                    !UserGroupRolePermissionUtil.contains(
1702                                            getPermissionChecker(), oldUserGroupRole.getGroupId(),
1703                                            oldUserGroupRole.getRoleId())) {
1704    
1705                                    userGroupRoles.add(oldUserGroupRole);
1706                            }
1707                    }
1708    
1709                    for (UserGroupRole userGroupRole : userGroupRoles) {
1710                            if (!oldUserGroupRoles.contains(userGroupRole)) {
1711                                    UserGroupRolePermissionUtil.check(
1712                                            getPermissionChecker(), userGroupRole.getGroupId(),
1713                                            userGroupRole.getRoleId());
1714                            }
1715                    }
1716    
1717                    return userGroupRoles;
1718            }
1719    
1720            protected void updateAnnouncementsDeliveries(
1721                            long userId, List<AnnouncementsDelivery> announcementsDeliveries)
1722                    throws PortalException, SystemException {
1723    
1724                    for (AnnouncementsDelivery announcementsDelivery :
1725                                    announcementsDeliveries) {
1726    
1727                            announcementsDeliveryService.updateDelivery(
1728                                    userId, announcementsDelivery.getType(),
1729                                    announcementsDelivery.getEmail(),
1730                                    announcementsDelivery.getSms(),
1731                                    announcementsDelivery.getWebsite());
1732                    }
1733            }
1734    
1735            protected void validateEmailAddress(User user, String emailAddress)
1736                    throws PortalException, SystemException {
1737    
1738                    PermissionChecker permissionChecker = getPermissionChecker();
1739    
1740                    if (!UsersAdminUtil.hasUpdateEmailAddress(permissionChecker, user)) {
1741                            throw new UserEmailAddressException();
1742                    }
1743    
1744                    if (!user.hasCompanyMx() && user.hasCompanyMx(emailAddress)) {
1745                            Company company = companyPersistence.findByPrimaryKey(
1746                                    user.getCompanyId());
1747    
1748                            if (!company.isStrangersWithMx()) {
1749                                    throw new ReservedUserEmailAddressException();
1750                            }
1751                    }
1752            }
1753    
1754            protected void validateOrganizationUsers(long[] userIds)
1755                    throws PortalException, SystemException {
1756    
1757                    PermissionChecker permissionChecker = getPermissionChecker();
1758    
1759                    if (!PropsValues.ORGANIZATIONS_ASSIGNMENT_STRICT ||
1760                            permissionChecker.isCompanyAdmin()) {
1761    
1762                            return;
1763                    }
1764    
1765                    List<Organization> organizations =
1766                            organizationLocalService.getUserOrganizations(
1767                                    permissionChecker.getUserId());
1768    
1769                    for (long userId : userIds) {
1770                            boolean allowed = false;
1771    
1772                            for (Organization organization : organizations) {
1773                                    boolean manageUsers = OrganizationPermissionUtil.contains(
1774                                            permissionChecker, organization, ActionKeys.MANAGE_USERS);
1775                                    boolean manageSuborganizations =
1776                                            OrganizationPermissionUtil.contains(
1777                                                    permissionChecker, organization,
1778                                                    ActionKeys.MANAGE_SUBORGANIZATIONS);
1779    
1780                                    if (!manageUsers && !manageSuborganizations) {
1781                                            continue;
1782                                    }
1783    
1784                                    boolean inherited = false;
1785                                    boolean includeSpecifiedOrganization = false;
1786    
1787                                    if (manageUsers && manageSuborganizations) {
1788                                            inherited = true;
1789                                            includeSpecifiedOrganization = true;
1790                                    }
1791                                    else if (!manageUsers && manageSuborganizations) {
1792                                            inherited = true;
1793                                            includeSpecifiedOrganization = false;
1794                                    }
1795    
1796                                    if (organizationLocalService.hasUserOrganization(
1797                                                    userId, organization.getOrganizationId(), inherited,
1798                                                    includeSpecifiedOrganization)) {
1799    
1800                                            allowed = true;
1801    
1802                                            break;
1803                                    }
1804                            }
1805    
1806                            if (!allowed) {
1807                                    throw new PrincipalException();
1808                            }
1809                    }
1810            }
1811    
1812            protected void validateScreenName(User user, String screenName)
1813                    throws PortalException, SystemException {
1814    
1815                    PermissionChecker permissionChecker = getPermissionChecker();
1816    
1817                    if (!UsersAdminUtil.hasUpdateScreenName(permissionChecker, user)) {
1818                            throw new UserScreenNameException();
1819                    }
1820            }
1821    
1822    }