001    /**
002     * Copyright (c) 2000-2011 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.DuplicatePasswordPolicyException;
018    import com.liferay.portal.NoSuchPasswordPolicyRelException;
019    import com.liferay.portal.PasswordPolicyNameException;
020    import com.liferay.portal.RequiredPasswordPolicyException;
021    import com.liferay.portal.kernel.cache.ThreadLocalCachable;
022    import com.liferay.portal.kernel.exception.PortalException;
023    import com.liferay.portal.kernel.exception.SystemException;
024    import com.liferay.portal.kernel.util.CharPool;
025    import com.liferay.portal.kernel.util.OrderByComparator;
026    import com.liferay.portal.kernel.util.Validator;
027    import com.liferay.portal.model.Organization;
028    import com.liferay.portal.model.PasswordPolicy;
029    import com.liferay.portal.model.PasswordPolicyRel;
030    import com.liferay.portal.model.ResourceConstants;
031    import com.liferay.portal.model.User;
032    import com.liferay.portal.security.ldap.LDAPSettingsUtil;
033    import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
034    import com.liferay.portal.util.PropsValues;
035    
036    import java.util.Date;
037    import java.util.List;
038    
039    /**
040     * @author Scott Lee
041     */
042    public class PasswordPolicyLocalServiceImpl
043            extends PasswordPolicyLocalServiceBaseImpl {
044    
045            public PasswordPolicy addPasswordPolicy(
046                            long userId, boolean defaultPolicy, String name, String description,
047                            boolean changeable, boolean changeRequired, long minAge,
048                            boolean checkSyntax, boolean allowDictionaryWords,
049                            int minAlphanumeric, int minLength, int minLowerCase,
050                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
051                            int historyCount, boolean expireable, long maxAge, long warningTime,
052                            int graceLimit, boolean lockout, int maxFailure,
053                            long lockoutDuration, long resetFailureCount,
054                            long resetTicketMaxAge)
055                    throws PortalException, SystemException {
056    
057                    // Password policy
058    
059                    User user = userPersistence.findByPrimaryKey(userId);
060                    Date now = new Date();
061    
062                    validate(0, user.getCompanyId(), name);
063    
064                    long passwordPolicyId = counterLocalService.increment();
065    
066                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
067                            passwordPolicyId);
068    
069                    passwordPolicy.setUserId(userId);
070                    passwordPolicy.setCompanyId(user.getCompanyId());
071                    passwordPolicy.setUserName(user.getFullName());
072                    passwordPolicy.setCreateDate(now);
073                    passwordPolicy.setModifiedDate(now);
074                    passwordPolicy.setDefaultPolicy(defaultPolicy);
075                    passwordPolicy.setName(name);
076                    passwordPolicy.setDescription(description);
077                    passwordPolicy.setChangeable(changeable);
078                    passwordPolicy.setChangeRequired(changeRequired);
079                    passwordPolicy.setMinAge(minAge);
080                    passwordPolicy.setCheckSyntax(checkSyntax);
081                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
082                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
083                    passwordPolicy.setMinLength(minLength);
084                    passwordPolicy.setMinLowerCase(minLowerCase);
085                    passwordPolicy.setMinNumbers(minNumbers);
086                    passwordPolicy.setMinSymbols(minSymbols);
087                    passwordPolicy.setMinUpperCase(minUpperCase);
088                    passwordPolicy.setHistory(history);
089                    passwordPolicy.setHistoryCount(historyCount);
090                    passwordPolicy.setExpireable(expireable);
091                    passwordPolicy.setMaxAge(maxAge);
092                    passwordPolicy.setWarningTime(warningTime);
093                    passwordPolicy.setGraceLimit(graceLimit);
094                    passwordPolicy.setLockout(lockout);
095                    passwordPolicy.setMaxFailure(maxFailure);
096                    passwordPolicy.setLockoutDuration(lockoutDuration);
097                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
098                    passwordPolicy.setResetFailureCount(resetFailureCount);
099                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
100    
101                    passwordPolicyPersistence.update(passwordPolicy, false);
102    
103                    // Resources
104    
105                    if (!user.isDefaultUser()) {
106                            resourceLocalService.addResources(
107                                    user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
108                                    passwordPolicy.getPasswordPolicyId(), false, false, false);
109                    }
110    
111                    return passwordPolicy;
112            }
113    
114            public void checkDefaultPasswordPolicy(long companyId)
115                    throws PortalException, SystemException {
116    
117                    String defaultPasswordPolicyName =
118                            PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
119    
120                    PasswordPolicy defaultPasswordPolicy =
121                            passwordPolicyPersistence.fetchByC_N(
122                                    companyId, defaultPasswordPolicyName);
123    
124                    if (defaultPasswordPolicy == null) {
125                            long defaultUserId = userLocalService.getDefaultUserId(companyId);
126    
127                            addPasswordPolicy(
128                                    defaultUserId, true, defaultPasswordPolicyName,
129                                    defaultPasswordPolicyName, true, true, 0, false, true, 0, 6,
130                                    0, 1, 0, 1, false, 6, false, 8640000, 86400, 0, false, 3, 0,
131                                    600, 86400);
132                    }
133            }
134    
135            @Override
136            public void deletePasswordPolicy(long passwordPolicyId)
137                    throws PortalException, SystemException {
138    
139                    PasswordPolicy passwordPolicy =
140                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
141    
142                    deletePasswordPolicy(passwordPolicy);
143            }
144    
145            @Override
146            public void deletePasswordPolicy(PasswordPolicy passwordPolicy)
147                    throws PortalException, SystemException {
148    
149                    if (passwordPolicy.isDefaultPolicy()) {
150                            throw new RequiredPasswordPolicyException();
151                    }
152    
153                    // Password policy relations
154    
155                    passwordPolicyRelLocalService.deletePasswordPolicyRels(
156                            passwordPolicy.getPasswordPolicyId());
157    
158                    // Resources
159    
160                    resourceLocalService.deleteResource(
161                            passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
162                            ResourceConstants.SCOPE_INDIVIDUAL,
163                            passwordPolicy.getPasswordPolicyId());
164    
165                    // Password policy
166    
167                    passwordPolicyPersistence.remove(passwordPolicy);
168            }
169    
170            public PasswordPolicy getDefaultPasswordPolicy(long companyId)
171                    throws PortalException, SystemException {
172    
173                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
174                            return null;
175                    }
176    
177                    return passwordPolicyPersistence.findByC_DP(companyId, true);
178            }
179    
180            @Override
181            public PasswordPolicy getPasswordPolicy(long passwordPolicyId)
182                    throws PortalException, SystemException {
183    
184                    return passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
185            }
186    
187            /**
188             * @deprecated
189             */
190            public PasswordPolicy getPasswordPolicy(
191                            long companyId, long organizationId, long locationId)
192                    throws PortalException, SystemException {
193    
194                    return getPasswordPolicy(
195                            companyId, new long[] {organizationId, locationId});
196            }
197    
198            public PasswordPolicy getPasswordPolicy(
199                            long companyId, long[] organizationIds)
200                    throws PortalException, SystemException {
201    
202                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
203                            return null;
204                    }
205    
206                    if ((organizationIds == null) || (organizationIds.length == 0)) {
207                            return getDefaultPasswordPolicy(companyId);
208                    }
209    
210                    PasswordPolicyRel passwordPolicyRel = null;
211    
212                    for (int i = 0; i < organizationIds.length; i++) {
213                            long organizationId = organizationIds[i];
214    
215                            try {
216                                    passwordPolicyRel =
217                                            passwordPolicyRelLocalService.getPasswordPolicyRel(
218                                                    Organization.class.getName(), organizationId);
219    
220                                    return getPasswordPolicy(
221                                            passwordPolicyRel.getPasswordPolicyId());
222                            }
223                            catch (NoSuchPasswordPolicyRelException nsppre) {
224                            }
225                    }
226    
227                    return getDefaultPasswordPolicy(companyId);
228            }
229    
230            @ThreadLocalCachable
231            public PasswordPolicy getPasswordPolicyByUserId(long userId)
232                    throws PortalException, SystemException {
233    
234                    User user = userPersistence.findByPrimaryKey(userId);
235    
236                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
237                            return null;
238                    }
239    
240                    PasswordPolicyRel passwordPolicyRel =
241                            passwordPolicyRelLocalService.fetchPasswordPolicyRel(
242                                    User.class.getName(), userId);
243    
244                    if (passwordPolicyRel != null) {
245                            return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
246                    }
247                    else {
248                            long[] organizationIds = user.getOrganizationIds();
249    
250                            return getPasswordPolicy(user.getCompanyId(), organizationIds);
251                    }
252            }
253    
254            public List<PasswordPolicy> search(
255                            long companyId, String name, int start, int end,
256                            OrderByComparator obc)
257                    throws SystemException {
258    
259                    return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
260            }
261    
262            public int searchCount(long companyId, String name)
263                    throws SystemException {
264    
265                    return passwordPolicyFinder.countByC_N(companyId, name);
266            }
267    
268            public PasswordPolicy updatePasswordPolicy(
269                            long passwordPolicyId, String name, String description,
270                            boolean changeable, boolean changeRequired, long minAge,
271                            boolean checkSyntax, boolean allowDictionaryWords,
272                            int minAlphanumeric, int minLength, int minLowerCase,
273                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
274                            int historyCount, boolean expireable, long maxAge,
275                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
276                            long lockoutDuration, long resetFailureCount,
277                            long resetTicketMaxAge)
278                    throws PortalException, SystemException {
279    
280                    Date now = new Date();
281    
282                    PasswordPolicy passwordPolicy =
283                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
284    
285                    if (!passwordPolicy.getDefaultPolicy()) {
286                            validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
287    
288                            passwordPolicy.setName(name);
289                    }
290    
291                    passwordPolicy.setModifiedDate(now);
292                    passwordPolicy.setDescription(description);
293                    passwordPolicy.setChangeable(changeable);
294                    passwordPolicy.setChangeRequired(changeRequired);
295                    passwordPolicy.setMinAge(minAge);
296                    passwordPolicy.setCheckSyntax(checkSyntax);
297                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
298                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
299                    passwordPolicy.setMinLength(minLength);
300                    passwordPolicy.setMinLowerCase(minLowerCase);
301                    passwordPolicy.setMinNumbers(minNumbers);
302                    passwordPolicy.setMinSymbols(minSymbols);
303                    passwordPolicy.setMinUpperCase(minUpperCase);
304                    passwordPolicy.setHistory(history);
305                    passwordPolicy.setHistoryCount(historyCount);
306                    passwordPolicy.setExpireable(expireable);
307                    passwordPolicy.setMaxAge(maxAge);
308                    passwordPolicy.setWarningTime(warningTime);
309                    passwordPolicy.setGraceLimit(graceLimit);
310                    passwordPolicy.setLockout(lockout);
311                    passwordPolicy.setMaxFailure(maxFailure);
312                    passwordPolicy.setLockoutDuration(lockoutDuration);
313                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
314                    passwordPolicy.setResetFailureCount(resetFailureCount);
315                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
316    
317                    passwordPolicyPersistence.update(passwordPolicy, false);
318    
319                    return passwordPolicy;
320            }
321    
322            protected void validate(long passwordPolicyId, long companyId, String name)
323                    throws PortalException, SystemException {
324    
325                    if ((Validator.isNull(name)) || (Validator.isNumber(name)) ||
326                            (name.indexOf(CharPool.COMMA) != -1) ||
327                            (name.indexOf(CharPool.STAR) != -1)) {
328    
329                            throw new PasswordPolicyNameException();
330                    }
331    
332                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
333                            companyId, name);
334    
335                    if (passwordPolicy != null) {
336                            if ((passwordPolicyId <= 0) ||
337                                    (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
338    
339                                    throw new DuplicatePasswordPolicyException();
340                            }
341                    }
342            }
343    
344    }