001    /**
002     * Copyright (c) 2000-2011 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.RequiredUserException;
018    import com.liferay.portal.ReservedUserEmailAddressException;
019    import com.liferay.portal.UserEmailAddressException;
020    import com.liferay.portal.UserScreenNameException;
021    import com.liferay.portal.kernel.exception.PortalException;
022    import com.liferay.portal.kernel.exception.SystemException;
023    import com.liferay.portal.kernel.search.Indexer;
024    import com.liferay.portal.kernel.search.IndexerRegistryUtil;
025    import com.liferay.portal.kernel.util.ArrayUtil;
026    import com.liferay.portal.kernel.util.GetterUtil;
027    import com.liferay.portal.kernel.workflow.WorkflowConstants;
028    import com.liferay.portal.kernel.workflow.WorkflowThreadLocal;
029    import com.liferay.portal.model.Address;
030    import com.liferay.portal.model.Company;
031    import com.liferay.portal.model.Contact;
032    import com.liferay.portal.model.EmailAddress;
033    import com.liferay.portal.model.Group;
034    import com.liferay.portal.model.GroupConstants;
035    import com.liferay.portal.model.Organization;
036    import com.liferay.portal.model.Phone;
037    import com.liferay.portal.model.Role;
038    import com.liferay.portal.model.User;
039    import com.liferay.portal.model.UserGroupRole;
040    import com.liferay.portal.model.Website;
041    import com.liferay.portal.security.auth.PrincipalException;
042    import com.liferay.portal.security.permission.ActionKeys;
043    import com.liferay.portal.security.permission.PermissionChecker;
044    import com.liferay.portal.service.ServiceContext;
045    import com.liferay.portal.service.base.UserServiceBaseImpl;
046    import com.liferay.portal.service.permission.GroupPermissionUtil;
047    import com.liferay.portal.service.permission.OrganizationPermissionUtil;
048    import com.liferay.portal.service.permission.PasswordPolicyPermissionUtil;
049    import com.liferay.portal.service.permission.PortalPermissionUtil;
050    import com.liferay.portal.service.permission.RolePermissionUtil;
051    import com.liferay.portal.service.permission.TeamPermissionUtil;
052    import com.liferay.portal.service.permission.UserGroupPermissionUtil;
053    import com.liferay.portal.service.permission.UserGroupRolePermissionUtil;
054    import com.liferay.portal.service.permission.UserPermissionUtil;
055    import com.liferay.portal.util.PropsValues;
056    import com.liferay.portlet.announcements.model.AnnouncementsDelivery;
057    import com.liferay.portlet.usersadmin.util.UsersAdminUtil;
058    
059    import java.util.List;
060    import java.util.Locale;
061    
062    /**
063     * The implementation of the user remote service.
064     *
065     * @author Brian Wing Shun Chan
066     * @author Brian Myunghun Kim
067     * @author Scott Lee
068     * @author Jorge Ferrer
069     * @author Julio Camarero
070     */
071    public class UserServiceImpl extends UserServiceBaseImpl {
072    
073            /**
074             * Adds the users to the group.
075             *
076             * @param  groupId the primary key of the group
077             * @param  userIds the primary keys of the users
078             * @throws PortalException if a group or user with the primary key could not
079             *         be found, or if the user did not have permission to assign group
080             *         members
081             * @throws SystemException if a system exception occurred
082             */
083            public void addGroupUsers(
084                            long groupId, long[] userIds, ServiceContext serviceContext)
085                    throws PortalException, SystemException {
086    
087                    try {
088                            GroupPermissionUtil.check(
089                                    getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
090                    }
091                    catch (PrincipalException pe) {
092    
093                            // Allow any user to join open sites
094    
095                            boolean hasPermission = false;
096    
097                            if (userIds.length == 0) {
098                                    hasPermission = true;
099                            }
100                            else if (userIds.length == 1) {
101                                    User user = getUser();
102    
103                                    if (user.getUserId() == userIds[0]) {
104                                            Group group = groupPersistence.findByPrimaryKey(groupId);
105    
106                                            if (user.getCompanyId() == group.getCompanyId()) {
107                                                    int type = group.getType();
108    
109                                                    if (type == GroupConstants.TYPE_SITE_OPEN) {
110                                                            hasPermission = true;
111                                                    }
112                                            }
113                                    }
114                            }
115    
116                            if (!hasPermission) {
117                                    throw new PrincipalException();
118                            }
119                    }
120    
121                    userLocalService.addGroupUsers(groupId, userIds);
122            }
123    
124            /**
125             * Adds the users to the organization.
126             *
127             * @param  organizationId the primary key of the organization
128             * @param  userIds the primary keys of the users
129             * @throws PortalException if an organization or user with the primary key
130             *         could not be found, if the user did not have permission to assign
131             *         organization members, or if current user did not have an
132             *         organization in common with a given user
133             * @throws SystemException if a system exception occurred
134             */
135            public void addOrganizationUsers(long organizationId, long[] userIds)
136                    throws PortalException, SystemException {
137    
138                    OrganizationPermissionUtil.check(
139                            getPermissionChecker(), organizationId, ActionKeys.ASSIGN_MEMBERS);
140    
141                    validateOrganizationUsers(userIds);
142    
143                    userLocalService.addOrganizationUsers(organizationId, userIds);
144            }
145    
146            /**
147             * Assigns the password policy to the users, removing any other currently
148             * assigned password policies.
149             *
150             * @param  passwordPolicyId the primary key of the password policy
151             * @param  userIds the primary keys of the users
152             * @throws PortalException if the user did not have permission to assign
153             *         policy members
154             * @throws SystemException if a system exception occurred
155             */
156            public void addPasswordPolicyUsers(long passwordPolicyId, long[] userIds)
157                    throws PortalException, SystemException {
158    
159                    PasswordPolicyPermissionUtil.check(
160                            getPermissionChecker(), passwordPolicyId,
161                            ActionKeys.ASSIGN_MEMBERS);
162    
163                    userLocalService.addPasswordPolicyUsers(passwordPolicyId, userIds);
164            }
165    
166            /**
167             * Adds the users to the role.
168             *
169             * @param  roleId the primary key of the role
170             * @param  userIds the primary keys of the users
171             * @throws PortalException if a role or user with the primary key could not
172             *         be found or if the user did not have permission to assign role
173             *         members
174             * @throws SystemException if a system exception occurred
175             */
176            public void addRoleUsers(long roleId, long[] userIds)
177                    throws PortalException, SystemException {
178    
179                    RolePermissionUtil.check(
180                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
181    
182                    userLocalService.addRoleUsers(roleId, userIds);
183            }
184    
185            /**
186             * Adds the users to the team.
187             *
188             * @param  teamId the primary key of the team
189             * @param  userIds the primary keys of the users
190             * @throws PortalException if a team or user with the primary key could not
191             *         be found or if the user did not have permission to assign team
192             *         members
193             * @throws SystemException if a system exception occurred
194             */
195            public void addTeamUsers(long teamId, long[] userIds)
196                    throws PortalException, SystemException {
197    
198                    TeamPermissionUtil.check(
199                            getPermissionChecker(), teamId, ActionKeys.ASSIGN_MEMBERS);
200    
201                    userLocalService.addTeamUsers(teamId, userIds);
202            }
203    
204            /**
205             * Adds a user with additional parameters.
206             *
207             * <p>
208             * This method handles the creation and bookkeeping of the user including
209             * its resources, metadata, and internal data structures. It is not
210             * necessary to make subsequent calls to any methods to setup default
211             * groups, resources, etc.
212             * </p>
213             *
214             * @param  companyId the primary key of the user's company
215             * @param  autoPassword whether a password should be automatically generated
216             *         for the user
217             * @param  password1 the user's password
218             * @param  password2 the user's password confirmation
219             * @param  autoScreenName whether a screen name should be automatically
220             *         generated for the user
221             * @param  screenName the user's screen name
222             * @param  emailAddress the user's email address
223             * @param  facebookId the user's facebook ID
224             * @param  openId the user's OpenID
225             * @param  locale the user's locale
226             * @param  firstName the user's first name
227             * @param  middleName the user's middle name
228             * @param  lastName the user's last name
229             * @param  prefixId the user's name prefix ID
230             * @param  suffixId the user's name suffix ID
231             * @param  male whether the user is male
232             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
233             *         January)
234             * @param  birthdayDay the user's birthday day
235             * @param  birthdayYear the user's birthday year
236             * @param  jobTitle the user's job title
237             * @param  groupIds the primary keys of the user's groups
238             * @param  organizationIds the primary keys of the user's organizations
239             * @param  roleIds the primary keys of the roles this user possesses
240             * @param  userGroupIds the primary keys of the user's user groups
241             * @param  addresses the user's addresses
242             * @param  emailAddresses the user's email addresses
243             * @param  phones the user's phone numbers
244             * @param  websites the user's websites
245             * @param  announcementsDelivers the announcements deliveries
246             * @param  sendEmail whether to send the user an email notification about
247             *         their new account
248             * @param  serviceContext the user's service context (optionally
249             *         <code>null</code>). Can set the universally unique identifier
250             *         (with the <code>uuid</code> attribute), asset category IDs, asset
251             *         tag names, and expando bridge attributes for the user.
252             * @return the new user
253             * @throws PortalException if the user's information was invalid, if the
254             *         creator did not have permission to add users, if the email
255             *         address was reserved, or some other portal exception occurred
256             * @throws SystemException if a system exception occurred
257             */
258            public User addUser(
259                            long companyId, boolean autoPassword, String password1,
260                            String password2, boolean autoScreenName, String screenName,
261                            String emailAddress, long facebookId, String openId, Locale locale,
262                            String firstName, String middleName, String lastName, int prefixId,
263                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
264                            int birthdayYear, String jobTitle, long[] groupIds,
265                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
266                            List<Address> addresses, List<EmailAddress> emailAddresses,
267                            List<Phone> phones, List<Website> websites,
268                            List<AnnouncementsDelivery> announcementsDelivers,
269                            boolean sendEmail, ServiceContext serviceContext)
270                    throws PortalException, SystemException {
271    
272                    boolean workflowEnabled = WorkflowThreadLocal.isEnabled();
273    
274                    try {
275                            WorkflowThreadLocal.setEnabled(false);
276    
277                            return addUserWithWorkflow(
278                                    companyId, autoPassword, password1, password2, autoScreenName,
279                                    screenName, emailAddress, facebookId, openId, locale, firstName,
280                                    middleName, lastName, prefixId, suffixId, male, birthdayMonth,
281                                    birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
282                                    roleIds, userGroupIds, addresses, emailAddresses, phones,
283                                    websites, announcementsDelivers, sendEmail, serviceContext);
284                    }
285                    finally {
286                            WorkflowThreadLocal.setEnabled(workflowEnabled);
287                    }
288            }
289    
290            /**
291             * Adds a user.
292             *
293             * <p>
294             * This method handles the creation and bookkeeping of the user including
295             * its resources, metadata, and internal data structures. It is not
296             * necessary to make subsequent calls to any methods to setup default
297             * groups, resources, etc.
298             * </p>
299             *
300             * @param  companyId the primary key of the user's company
301             * @param  autoPassword whether a password should be automatically generated
302             *         for the user
303             * @param  password1 the user's password
304             * @param  password2 the user's password confirmation
305             * @param  autoScreenName whether a screen name should be automatically
306             *         generated for the user
307             * @param  screenName the user's screen name
308             * @param  emailAddress the user's email address
309             * @param  facebookId the user's facebook ID
310             * @param  openId the user's OpenID
311             * @param  locale the user's locale
312             * @param  firstName the user's first name
313             * @param  middleName the user's middle name
314             * @param  lastName the user's last name
315             * @param  prefixId the user's name prefix ID
316             * @param  suffixId the user's name suffix ID
317             * @param  male whether the user is male
318             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
319             *         January)
320             * @param  birthdayDay the user's birthday day
321             * @param  birthdayYear the user's birthday year
322             * @param  jobTitle the user's job title
323             * @param  groupIds the primary keys of the user's groups
324             * @param  organizationIds the primary keys of the user's organizations
325             * @param  roleIds the primary keys of the roles this user possesses
326             * @param  userGroupIds the primary keys of the user's user groups
327             * @param  sendEmail whether to send the user an email notification about
328             *         their new account
329             * @param  serviceContext the user's service context (optionally
330             *         <code>null</code>). Can set the universally unique identifier
331             *         (with the <code>uuid</code> attribute), asset category IDs, asset
332             *         tag names, and expando bridge attributes for the user.
333             * @return the new user
334             * @throws PortalException if the user's information was invalid, if the
335             *         creator did not have permission to add users, or if the email
336             *         address was reserved
337             * @throws SystemException if a system exception occurred
338             */
339            public User addUser(
340                            long companyId, boolean autoPassword, String password1,
341                            String password2, boolean autoScreenName, String screenName,
342                            String emailAddress, long facebookId, String openId, Locale locale,
343                            String firstName, String middleName, String lastName, int prefixId,
344                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
345                            int birthdayYear, String jobTitle, long[] groupIds,
346                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
347                            boolean sendEmail, ServiceContext serviceContext)
348                    throws PortalException, SystemException {
349    
350                    boolean workflowEnabled = WorkflowThreadLocal.isEnabled();
351    
352                    try {
353                            WorkflowThreadLocal.setEnabled(false);
354    
355                            return addUserWithWorkflow(
356                                    companyId, autoPassword, password1, password2, autoScreenName,
357                                    screenName, emailAddress, facebookId, openId, locale, firstName,
358                                    middleName, lastName, prefixId, suffixId, male, birthdayMonth,
359                                    birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
360                                    roleIds, userGroupIds, sendEmail, serviceContext);
361                    }
362                    finally {
363                            WorkflowThreadLocal.setEnabled(workflowEnabled);
364                    }
365            }
366    
367            /**
368             * Adds a user with workflow and additional parameters.
369             *
370             * <p>
371             * This method handles the creation and bookkeeping of the user including
372             * its resources, metadata, and internal data structures. It is not
373             * necessary to make subsequent calls to any methods to setup default
374             * groups, resources, etc.
375             * </p>
376             *
377             * @param  companyId the primary key of the user's company
378             * @param  autoPassword whether a password should be automatically generated
379             *         for the user
380             * @param  password1 the user's password
381             * @param  password2 the user's password confirmation
382             * @param  autoScreenName whether a screen name should be automatically
383             *         generated for the user
384             * @param  screenName the user's screen name
385             * @param  emailAddress the user's email address
386             * @param  facebookId the user's facebook ID
387             * @param  openId the user's OpenID
388             * @param  locale the user's locale
389             * @param  firstName the user's first name
390             * @param  middleName the user's middle name
391             * @param  lastName the user's last name
392             * @param  prefixId the user's name prefix ID
393             * @param  suffixId the user's name suffix ID
394             * @param  male whether the user is male
395             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
396             *         January)
397             * @param  birthdayDay the user's birthday day
398             * @param  birthdayYear the user's birthday year
399             * @param  jobTitle the user's job title
400             * @param  groupIds the primary keys of the user's groups
401             * @param  organizationIds the primary keys of the user's organizations
402             * @param  roleIds the primary keys of the roles this user possesses
403             * @param  userGroupIds the primary keys of the user's user groups
404             * @param  addresses the user's addresses
405             * @param  emailAddresses the user's email addresses
406             * @param  phones the user's phone numbers
407             * @param  websites the user's websites
408             * @param  announcementsDelivers the announcements deliveries
409             * @param  sendEmail whether to send the user an email notification about
410             *         their new account
411             * @param  serviceContext the user's service context (optionally
412             *         <code>null</code>). Can set the universally unique identifier
413             *         (with the <code>uuid</code> attribute), asset category IDs, asset
414             *         tag names, and expando bridge attributes for the user.
415             * @return the new user
416             * @throws PortalException if the user's information was invalid, if the
417             *         creator did not have permission to add users, if the email
418             *         address was reserved, or some other portal exception occurred
419             * @throws SystemException if a system exception occurred
420             */
421            public User addUserWithWorkflow(
422                            long companyId, boolean autoPassword, String password1,
423                            String password2, boolean autoScreenName, String screenName,
424                            String emailAddress, long facebookId, String openId, Locale locale,
425                            String firstName, String middleName, String lastName, int prefixId,
426                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
427                            int birthdayYear, String jobTitle, long[] groupIds,
428                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
429                            List<Address> addresses, List<EmailAddress> emailAddresses,
430                            List<Phone> phones, List<Website> websites,
431                            List<AnnouncementsDelivery> announcementsDelivers,
432                            boolean sendEmail, ServiceContext serviceContext)
433                    throws PortalException, SystemException {
434    
435                    boolean indexingEnabled = serviceContext.isIndexingEnabled();
436    
437                    serviceContext.setIndexingEnabled(false);
438    
439                    try {
440                            User user = addUserWithWorkflow(
441                                    companyId, autoPassword, password1, password2, autoScreenName,
442                                    screenName, emailAddress, facebookId, openId, locale, firstName,
443                                    middleName, lastName, prefixId, suffixId, male, birthdayMonth,
444                                    birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
445                                    roleIds, userGroupIds, sendEmail, serviceContext);
446    
447                            UsersAdminUtil.updateAddresses(
448                                    Contact.class.getName(), user.getContactId(), addresses);
449    
450                            UsersAdminUtil.updateEmailAddresses(
451                                    Contact.class.getName(), user.getContactId(), emailAddresses);
452    
453                            UsersAdminUtil.updatePhones(
454                                    Contact.class.getName(), user.getContactId(), phones);
455    
456                            UsersAdminUtil.updateWebsites(
457                                    Contact.class.getName(), user.getContactId(), websites);
458    
459                            updateAnnouncementsDeliveries(
460                                    user.getUserId(), announcementsDelivers);
461    
462                            if (indexingEnabled) {
463                                    Indexer indexer = IndexerRegistryUtil.getIndexer(User.class);
464    
465                                    indexer.reindex(user);
466                            }
467    
468                            return user;
469                    }
470                    finally {
471                            serviceContext.setIndexingEnabled(indexingEnabled);
472                    }
473            }
474    
475            /**
476             * Adds a user with workflow.
477             *
478             * <p>
479             * This method handles the creation and bookkeeping of the user including
480             * its resources, metadata, and internal data structures. It is not
481             * necessary to make subsequent calls to any methods to setup default
482             * groups, resources, etc.
483             * </p>
484             *
485             * @param  companyId the primary key of the user's company
486             * @param  autoPassword whether a password should be automatically generated
487             *         for the user
488             * @param  password1 the user's password
489             * @param  password2 the user's password confirmation
490             * @param  autoScreenName whether a screen name should be automatically
491             *         generated for the user
492             * @param  screenName the user's screen name
493             * @param  emailAddress the user's email address
494             * @param  facebookId the user's facebook ID
495             * @param  openId the user's OpenID
496             * @param  locale the user's locale
497             * @param  firstName the user's first name
498             * @param  middleName the user's middle name
499             * @param  lastName the user's last name
500             * @param  prefixId the user's name prefix ID
501             * @param  suffixId the user's name suffix ID
502             * @param  male whether the user is male
503             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
504             *         January)
505             * @param  birthdayDay the user's birthday day
506             * @param  birthdayYear the user's birthday year
507             * @param  jobTitle the user's job title
508             * @param  groupIds the primary keys of the user's groups
509             * @param  organizationIds the primary keys of the user's organizations
510             * @param  roleIds the primary keys of the roles this user possesses
511             * @param  userGroupIds the primary keys of the user's user groups
512             * @param  sendEmail whether to send the user an email notification about
513             *         their new account
514             * @param  serviceContext the user's service context (optionally
515             *         <code>null</code>). Can set the universally unique identifier
516             *         (with the <code>uuid</code> attribute), asset category IDs, asset
517             *         tag names, and expando bridge attributes for the user.
518             * @return the new user
519             * @throws PortalException if the user's information was invalid, if the
520             *         creator did not have permission to add users, or if the email
521             *         address was reserved
522             * @throws SystemException if a system exception occurred
523             */
524            public User addUserWithWorkflow(
525                            long companyId, boolean autoPassword, String password1,
526                            String password2, boolean autoScreenName, String screenName,
527                            String emailAddress, long facebookId, String openId, Locale locale,
528                            String firstName, String middleName, String lastName, int prefixId,
529                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
530                            int birthdayYear, String jobTitle, long[] groupIds,
531                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
532                            boolean sendEmail, ServiceContext serviceContext)
533                    throws PortalException, SystemException {
534    
535                    long creatorUserId = 0;
536    
537                    try {
538                            creatorUserId = getUserId();
539                    }
540                    catch (PrincipalException pe) {
541                    }
542    
543                    checkAddUserPermission(
544                            creatorUserId, companyId, emailAddress, organizationIds,
545                            serviceContext);
546    
547                    return userLocalService.addUserWithWorkflow(
548                            creatorUserId, companyId, autoPassword, password1, password2,
549                            autoScreenName, screenName, emailAddress, facebookId, openId,
550                            locale, firstName, middleName, lastName, prefixId, suffixId, male,
551                            birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
552                            organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
553            }
554    
555            /**
556             * Adds the users to the user group.
557             *
558             * @param  userGroupId the primary key of the user group
559             * @param  userIds the primary keys of the users
560             * @throws PortalException if a user group or user with the primary could
561             *         could not be found, or if the current user did not have
562             *         permission to assign group members
563             * @throws SystemException if a system exception occurred
564             */
565            public void addUserGroupUsers(long userGroupId, long[] userIds)
566                    throws PortalException, SystemException {
567    
568                    UserGroupPermissionUtil.check(
569                            getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
570    
571                    userLocalService.addUserGroupUsers(userGroupId, userIds);
572            }
573    
574            /**
575             * Deletes the user's portrait image.
576             *
577             * @param  userId the primary key of the user
578             * @throws PortalException if a user with the primary key could not be
579             *         found, if the user's portrait could not be found, or if the
580             *         current user did not have permission to update the user
581             * @throws SystemException if a system exception occurred
582             */
583            public void deletePortrait(long userId)
584                    throws PortalException, SystemException {
585    
586                    UserPermissionUtil.check(
587                            getPermissionChecker(), userId, ActionKeys.UPDATE);
588    
589                    userLocalService.deletePortrait(userId);
590            }
591    
592            /**
593             * Removes the user from the role.
594             *
595             * @param  roleId the primary key of the role
596             * @param  userId the primary key of the user
597             * @throws PortalException if a role or user with the primary key could not
598             *         be found, or if the current user did not have permission to
599             *         assign role members
600             * @throws SystemException if a system exception occurred
601             */
602            public void deleteRoleUser(long roleId, long userId)
603                    throws PortalException, SystemException {
604    
605                    RolePermissionUtil.check(
606                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
607    
608                    userLocalService.deleteRoleUser(roleId, userId);
609            }
610    
611            /**
612             * Deletes the user.
613             *
614             * @param  userId the primary key of the user
615             * @throws PortalException if a user with the primary key could not be found
616             *         or if the current user did not have permission to delete the user
617             * @throws SystemException if a system exception occurred
618             */
619            public void deleteUser(long userId)
620                    throws PortalException, SystemException {
621    
622                    if (getUserId() == userId) {
623                            throw new RequiredUserException();
624                    }
625    
626                    UserPermissionUtil.check(
627                            getPermissionChecker(), userId, ActionKeys.DELETE);
628    
629                    userLocalService.deleteUser(userId);
630            }
631    
632            /**
633             * Returns the primary key of the default user for the company.
634             *
635             * @param  companyId the primary key of the company
636             * @return the primary key of the default user for the company
637             * @throws PortalException if a default user for the company could not be
638             *         found
639             * @throws SystemException if a system exception occurred
640             */
641            public long getDefaultUserId(long companyId)
642                    throws PortalException, SystemException {
643    
644                    return userLocalService.getDefaultUserId(companyId);
645            }
646    
647            /**
648             * Returns the primary keys of all the users belonging to the group.
649             *
650             * @param  groupId the primary key of the group
651             * @return the primary keys of the users belonging to the group
652             * @throws PortalException if the current user did not have permission to
653             *         view group assignments
654             * @throws SystemException if a system exception occurred
655             */
656            public long[] getGroupUserIds(long groupId)
657                    throws PortalException, SystemException {
658    
659                    GroupPermissionUtil.check(
660                            getPermissionChecker(), groupId, ActionKeys.VIEW_MEMBERS);
661    
662                    return userLocalService.getGroupUserIds(groupId);
663            }
664    
665            /**
666             * Returns the primary keys of all the users belonging to the organization.
667             *
668             * @param  organizationId the primary key of the organization
669             * @return the primary keys of the users belonging to the organization
670             * @throws PortalException if the current user did not have permission to
671             *         view organization assignments
672             * @throws SystemException if a system exception occurred
673             */
674            public long[] getOrganizationUserIds(long organizationId)
675                    throws PortalException, SystemException {
676    
677                    OrganizationPermissionUtil.check(
678                            getPermissionChecker(), organizationId, ActionKeys.VIEW_MEMBERS);
679    
680                    return userLocalService.getOrganizationUserIds(organizationId);
681            }
682    
683            /**
684             * Returns the primary keys of all the users belonging to the role.
685             *
686             * @param  roleId the primary key of the role
687             * @return the primary keys of the users belonging to the role
688             * @throws PortalException if the current user did not have permission to
689             *         view role members
690             * @throws SystemException if a system exception occurred
691             */
692            public long[] getRoleUserIds(long roleId) throws
693                    PortalException, SystemException {
694    
695                    RolePermissionUtil.check(
696                            getPermissionChecker(), roleId, ActionKeys.VIEW);
697    
698                    return userLocalService.getRoleUserIds(roleId);
699            }
700    
701            /**
702             * Returns the user with the email address.
703             *
704             * @param  companyId the primary key of the user's company
705             * @param  emailAddress the user's email address
706             * @return the user with the email address
707             * @throws PortalException if a user with the email address could not be
708             *         found or if the current user did not have permission to view the
709             *         user
710             * @throws SystemException if a system exception occurred
711             */
712            public User getUserByEmailAddress(long companyId, String emailAddress)
713                    throws PortalException, SystemException {
714    
715                    User user = userLocalService.getUserByEmailAddress(
716                            companyId, emailAddress);
717    
718                    UserPermissionUtil.check(
719                            getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
720    
721                    return user;
722            }
723    
724            /**
725             * Returns the user with the primary key.
726             *
727             * @param  userId the primary key of the user
728             * @return the user with the primary key
729             * @throws PortalException if a user with the primary key could not be found
730             *         or if the current user did not have permission to view the user
731             * @throws SystemException if a system exception occurred
732             */
733            public User getUserById(long userId)
734                    throws PortalException, SystemException {
735    
736                    User user = userPersistence.findByPrimaryKey(userId);
737    
738                    UserPermissionUtil.check(
739                            getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
740    
741                    return user;
742            }
743    
744            /**
745             * Returns the user with the screen name.
746             *
747             * @param  companyId the primary key of the user's company
748             * @param  screenName the user's screen name
749             * @return the user with the screen name
750             * @throws PortalException if a user with the screen name could not be found
751             *         or if the current user did not have permission to veiw the user
752             * @throws SystemException if a system exception occurred
753             */
754            public User getUserByScreenName(long companyId, String screenName)
755                    throws PortalException, SystemException {
756    
757                    User user = userLocalService.getUserByScreenName(companyId, screenName);
758    
759                    UserPermissionUtil.check(
760                            getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
761    
762                    return user;
763            }
764    
765            /**
766             * Returns the primary key of the user with the email address.
767             *
768             * @param  companyId the primary key of the user's company
769             * @param  emailAddress the user's email address
770             * @return the primary key of the user with the email address
771             * @throws PortalException if a user with the email address could not be
772             *         found
773             * @throws SystemException if a system exception occurred
774             */
775            public long getUserIdByEmailAddress(long companyId, String emailAddress)
776                    throws PortalException, SystemException {
777    
778                    User user = getUserByEmailAddress(companyId, emailAddress);
779    
780                    return user.getUserId();
781            }
782    
783            /**
784             * Returns the primary key of the user with the screen name.
785             *
786             * @param  companyId the primary key of the user's company
787             * @param  screenName the user's screen name
788             * @return the primary key of the user with the screen name
789             * @throws PortalException if a user with the screen name could not be found
790             * @throws SystemException if a system exception occurred
791             */
792            public long getUserIdByScreenName(long companyId, String screenName)
793                    throws PortalException, SystemException {
794    
795                    User user = getUserByScreenName(companyId, screenName);
796    
797                    return user.getUserId();
798            }
799    
800            /**
801             * Returns <code>true</code> if the user is a member of the group.
802             *
803             * @param  groupId the primary key of the group
804             * @param  userId the primary key of the user
805             * @return <code>true</code> if the user is a member of the group;
806             *         <code>false</code> otherwise
807             * @throws SystemException if a system exception occurred
808             */
809            public boolean hasGroupUser(long groupId, long userId)
810                    throws SystemException {
811    
812                    return userLocalService.hasGroupUser(groupId, userId);
813            }
814    
815            /**
816             * Returns <code>true</code> if the user is a member of the role.
817             *
818             * @param  roleId the primary key of the role
819             * @param  userId the primary key of the user
820             * @return <code>true</code> if the user is a member of the role;
821             *         <code>false</code> otherwise
822             * @throws SystemException if a system exception occurred
823             */
824            public boolean hasRoleUser(long roleId, long userId)
825                    throws SystemException {
826    
827                    return userLocalService.hasRoleUser(roleId, userId);
828            }
829    
830            /**
831             * Returns <code>true</code> if the user has the role with the name,
832             * optionally through inheritance.
833             *
834             * @param  companyId the primary key of the role's company
835             * @param  name the name of the role (must be a regular role, not an
836             *         organization, site or provider role)
837             * @param  userId the primary key of the user
838             * @param  inherited whether to include roles inherited from organizations,
839             *         sites, etc.
840             * @return <code>true</code> if the user has the role; <code>false</code>
841             *         otherwise
842             * @throws PortalException if a role with the name could not be found
843             * @throws SystemException if a system exception occurred
844             */
845            public boolean hasRoleUser(
846                            long companyId, String name, long userId, boolean inherited)
847                    throws PortalException, SystemException {
848    
849                    return userLocalService.hasRoleUser(companyId, name, userId, inherited);
850            }
851    
852            /**
853             * Updates a user account that was automatically created when a guest user
854             * participated in an action (e.g. posting a comment) and only provided his
855             * name and email address.
856             *
857             * @param  companyId the primary key of the user's company
858             * @param  autoPassword whether a password should be automatically generated
859             *         for the user
860             * @param  password1 the user's password
861             * @param  password2 the user's password confirmation
862             * @param  autoScreenName whether a screen name should be automatically
863             *         generated for the user
864             * @param  screenName the user's screen name
865             * @param  emailAddress the user's email address
866             * @param  facebookId the user's facebook ID
867             * @param  openId the user's OpenID
868             * @param  locale the user's locale
869             * @param  firstName the user's first name
870             * @param  middleName the user's middle name
871             * @param  lastName the user's last name
872             * @param  prefixId the user's name prefix ID
873             * @param  suffixId the user's name suffix ID
874             * @param  male whether the user is male
875             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
876             *         January)
877             * @param  birthdayDay the user's birthday day
878             * @param  birthdayYear the user's birthday year
879             * @param  jobTitle the user's job title
880             * @param  updateUserInformation whether to update the user's information
881             * @param  sendEmail whether to send the user an email notification about
882             *         their new account
883             * @param  serviceContext the user's service context (optionally
884             *         <code>null</code>). Can set the expando bridge attributes for the
885             *         user.
886             * @return the user
887             * @throws PortalException if the user's information was invalid or if the
888             *         email address was reserved
889             * @throws SystemException if a system exception occurred
890             */
891            public User updateIncompleteUser(
892                            long companyId, boolean autoPassword, String password1,
893                            String password2, boolean autoScreenName, String screenName,
894                            String emailAddress, long facebookId, String openId, Locale locale,
895                            String firstName, String middleName, String lastName, int prefixId,
896                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
897                            int birthdayYear, String jobTitle, boolean updateUserInformation,
898                            boolean sendEmail, ServiceContext serviceContext)
899                    throws PortalException, SystemException {
900    
901                    long creatorUserId = 0;
902    
903                    try {
904                            creatorUserId = getUserId();
905                    }
906                    catch (PrincipalException pe) {
907                    }
908    
909                    checkAddUserPermission(
910                            creatorUserId, companyId, emailAddress, null, serviceContext);
911    
912                    return userLocalService.updateIncompleteUser(
913                            creatorUserId, companyId, autoPassword, password1, password2,
914                            autoScreenName, screenName, emailAddress, facebookId, openId,
915                            locale, firstName, middleName, lastName, prefixId, suffixId, male,
916                            birthdayMonth, birthdayDay, birthdayYear, jobTitle,
917                            updateUserInformation, sendEmail, serviceContext);
918            }
919    
920            /**
921             * Sets the users in the role, removing and adding users to the role as
922             * necessary.
923             *
924             * @param  roleId the primary key of the role
925             * @param  userIds the primary keys of the users
926             * @throws PortalException if the current user did not have permission to
927             *         assign role members
928             * @throws SystemException if a system exception occurred
929             */
930            public void setRoleUsers(long roleId, long[] userIds)
931                    throws PortalException, SystemException {
932    
933                    RolePermissionUtil.check(
934                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
935    
936                    userLocalService.setRoleUsers(roleId, userIds);
937            }
938    
939            /**
940             * Sets the users in the user group, removing and adding users to the user
941             * group as necessary.
942             *
943             * @param  userGroupId the primary key of the user group
944             * @param  userIds the primary keys of the users
945             * @throws PortalException if the current user did not have permission to
946             *         assign group members
947             * @throws SystemException if a system exception occurred
948             */
949            public void setUserGroupUsers(long userGroupId, long[] userIds)
950                    throws PortalException, SystemException {
951    
952                    UserGroupPermissionUtil.check(
953                            getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
954    
955                    userLocalService.setUserGroupUsers(userGroupId, userIds);
956            }
957    
958            /**
959             * Removes the users from the group.
960             *
961             * @param  groupId the primary key of the group
962             * @param  userIds the primary keys of the users
963             * @throws PortalException if the current user did not have permission to
964             *         modify group assignments
965             * @throws SystemException if a system exception occurred
966             */
967            public void unsetGroupUsers(
968                            long groupId, long[] userIds, ServiceContext serviceContext)
969                    throws PortalException, SystemException {
970    
971                    try {
972                            GroupPermissionUtil.check(
973                                    getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
974                    }
975                    catch (PrincipalException pe) {
976    
977                            // Allow any user to leave open and restricted sites
978    
979                            boolean hasPermission = false;
980    
981                            if (userIds.length == 0) {
982                                    hasPermission = true;
983                            }
984                            else if (userIds.length == 1) {
985                                    User user = getUser();
986    
987                                    if (user.getUserId() == userIds[0]) {
988                                            Group group = groupPersistence.findByPrimaryKey(groupId);
989    
990                                            if (user.getCompanyId() == group.getCompanyId()) {
991                                                    int type = group.getType();
992    
993                                                    if ((type == GroupConstants.TYPE_SITE_OPEN) ||
994                                                            (type == GroupConstants.TYPE_SITE_RESTRICTED)) {
995    
996                                                            hasPermission = true;
997                                                    }
998                                            }
999                                    }
1000                            }
1001    
1002                            if (!hasPermission) {
1003                                    throw new PrincipalException();
1004                            }
1005                    }
1006    
1007                    userLocalService.unsetGroupUsers(groupId, userIds, serviceContext);
1008            }
1009    
1010            /**
1011             * Removes the users from the organization.
1012             *
1013             * @param  organizationId the primary key of the organization
1014             * @param  userIds the primary keys of the users
1015             * @throws PortalException if the current user did not have permission to
1016             *         modify organization assignments
1017             * @throws SystemException if a system exception occurred
1018             */
1019            public void unsetOrganizationUsers(long organizationId, long[] userIds)
1020                    throws PortalException, SystemException {
1021    
1022                    OrganizationPermissionUtil.check(
1023                            getPermissionChecker(), organizationId,
1024                            ActionKeys.ASSIGN_MEMBERS);
1025    
1026                    userLocalService.unsetOrganizationUsers(organizationId, userIds);
1027            }
1028    
1029            /**
1030             * Removes the users from the password policy.
1031             *
1032             * @param  passwordPolicyId the primary key of the password policy
1033             * @param  userIds the primary keys of the users
1034             * @throws PortalException if the current user did not have permission to
1035             *         modify policy assignments
1036             * @throws SystemException if a system exception occurred
1037             */
1038            public void unsetPasswordPolicyUsers(long passwordPolicyId, long[] userIds)
1039                    throws PortalException, SystemException {
1040    
1041                    PasswordPolicyPermissionUtil.check(
1042                            getPermissionChecker(), passwordPolicyId,
1043                            ActionKeys.ASSIGN_MEMBERS);
1044    
1045                    userLocalService.unsetPasswordPolicyUsers(passwordPolicyId, userIds);
1046            }
1047    
1048            /**
1049             * Removes the users from the role.
1050             *
1051             * @param  roleId the primary key of the role
1052             * @param  userIds the primary keys of the users
1053             * @throws PortalException if the current user did not have permission to
1054             *         modify role assignments
1055             * @throws SystemException if a system exception occurred
1056             */
1057            public void unsetRoleUsers(long roleId, long[] userIds)
1058                    throws PortalException, SystemException {
1059    
1060                    RolePermissionUtil.check(
1061                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
1062    
1063                    userLocalService.unsetRoleUsers(roleId, userIds);
1064            }
1065    
1066            /**
1067             * Removes the users from the team.
1068             *
1069             * @param  teamId the primary key of the team
1070             * @param  userIds the primary keys of the users
1071             * @throws PortalException if the current user did not have permission to
1072             *         modify team assignments
1073             * @throws SystemException if a system exception occurred
1074             */
1075            public void unsetTeamUsers(long teamId, long[] userIds)
1076                    throws PortalException, SystemException {
1077    
1078                    TeamPermissionUtil.check(
1079                            getPermissionChecker(), teamId, ActionKeys.ASSIGN_MEMBERS);
1080    
1081                    userLocalService.unsetTeamUsers(teamId, userIds);
1082            }
1083    
1084            /**
1085             * Removes the users from the user group.
1086             *
1087             * @param  userGroupId the primary key of the user group
1088             * @param  userIds the primary keys of the users
1089             * @throws PortalException if the current user did not have permission to
1090             *         modify user group assignments
1091             * @throws SystemException if a system exception occurred
1092             */
1093            public void unsetUserGroupUsers(long userGroupId, long[] userIds)
1094                    throws PortalException, SystemException {
1095    
1096                    UserGroupPermissionUtil.check(
1097                            getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
1098    
1099                    userLocalService.unsetUserGroupUsers(userGroupId, userIds);
1100            }
1101    
1102            /**
1103             * Updates the user's response to the terms of use agreement.
1104             *
1105             * @param  userId the primary key of the user
1106             * @param  agreedToTermsOfUse whether the user has agree to the terms of use
1107             * @return the user
1108             * @throws PortalException if the current user did not have permission to
1109             *         update the user's agreement to terms-of-use
1110             * @throws SystemException if a system exception occurred
1111             */
1112            public User updateAgreedToTermsOfUse(
1113                            long userId, boolean agreedToTermsOfUse)
1114                    throws PortalException, SystemException {
1115    
1116                    UserPermissionUtil.check(
1117                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1118    
1119                    return userLocalService.updateAgreedToTermsOfUse(
1120                            userId, agreedToTermsOfUse);
1121            }
1122    
1123            /**
1124             * Updates the user's email address.
1125             *
1126             * @param  userId the primary key of the user
1127             * @param  password the user's password
1128             * @param  emailAddress1 the user's new email address
1129             * @param  emailAddress2 the user's new email address confirmation
1130             * @return the user
1131             * @throws PortalException if a user with the primary key could not be found
1132             *         or if the current user did not have permission to update the user
1133             * @throws SystemException if a system exception occurred
1134             */
1135            public User updateEmailAddress(
1136                            long userId, String password, String emailAddress1,
1137                            String emailAddress2, ServiceContext serviceContext)
1138                    throws PortalException, SystemException {
1139    
1140                    UserPermissionUtil.check(
1141                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1142    
1143                    return userLocalService.updateEmailAddress(
1144                            userId, password, emailAddress1, emailAddress2, serviceContext);
1145            }
1146    
1147            /**
1148             * Updates whether the user is locked out from logging in.
1149             *
1150             * @param  userId the primary key of the user
1151             * @param  lockout whether the user is locked out
1152             * @return the user
1153             * @throws PortalException if the user did not have permission to lock out
1154             *         the user
1155             * @throws SystemException if a system exception occurred
1156             */
1157            public User updateLockoutById(long userId, boolean lockout)
1158                    throws PortalException, SystemException {
1159    
1160                    UserPermissionUtil.check(
1161                            getPermissionChecker(), userId, ActionKeys.DELETE);
1162    
1163                    return userLocalService.updateLockoutById(userId, lockout);
1164            }
1165    
1166            /**
1167             * Updates the user's OpenID.
1168             *
1169             * @param  userId the primary key of the user
1170             * @param  openId the new OpenID
1171             * @return the user
1172             * @throws PortalException if a user with the primary key could not be found
1173             *         or if the current user did not have permission to update the user
1174             * @throws SystemException if a system exception occurred
1175             */
1176            public User updateOpenId(long userId, String openId)
1177                    throws PortalException, SystemException {
1178    
1179                    UserPermissionUtil.check(
1180                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1181    
1182                    return userLocalService.updateOpenId(userId, openId);
1183            }
1184    
1185            /**
1186             * Sets the organizations that the user is in, removing and adding
1187             * organizations as necessary.
1188             *
1189             * @param  userId the primary key of the user
1190             * @param  organizationIds the primary keys of the organizations
1191             * @throws PortalException if a user with the primary key could not be found
1192             *         or if the current user did not have permission to update the user
1193             * @throws SystemException if a system exception occurred
1194             */
1195            public void updateOrganizations(
1196                            long userId, long[] organizationIds, ServiceContext serviceContext)
1197                    throws PortalException, SystemException {
1198    
1199                    UserPermissionUtil.check(
1200                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1201    
1202                    userLocalService.updateOrganizations(
1203                            userId, organizationIds, serviceContext);
1204            }
1205    
1206            /**
1207             * Updates the user's password without tracking or validation of the change.
1208             *
1209             * @param  userId the primary key of the user
1210             * @param  password1 the user's new password
1211             * @param  password2 the user's new password confirmation
1212             * @param  passwordReset whether the user should be asked to reset their
1213             *         password the next time they log in
1214             * @return the user
1215             * @throws PortalException if a user with the primary key could not be found
1216             *         or if the current user did not have permission to update the user
1217             * @throws SystemException if a system exception occurred
1218             */
1219            public User updatePassword(
1220                            long userId, String password1, String password2,
1221                            boolean passwordReset)
1222                    throws PortalException, SystemException {
1223    
1224                    UserPermissionUtil.check(
1225                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1226    
1227                    return userLocalService.updatePassword(
1228                            userId, password1, password2, passwordReset);
1229            }
1230    
1231            /**
1232             * Updates the user's portrait image.
1233             *
1234             * @param  userId the primary key of the user
1235             * @param  bytes the new portrait image data
1236             * @return the user
1237             * @throws PortalException if a user with the primary key could not be
1238             *         found, if the new portrait was invalid, or if the current user
1239             *         did not have permission to update the user
1240             * @throws SystemException if a system exception occurred
1241             */
1242            public User updatePortrait(long userId, byte[] bytes)
1243                    throws PortalException, SystemException {
1244    
1245                    UserPermissionUtil.check(
1246                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1247    
1248                    return userLocalService.updatePortrait(userId, bytes);
1249            }
1250    
1251            /**
1252             * Updates the user's password reset question and answer.
1253             *
1254             * @param  userId the primary key of the user
1255             * @param  question the user's new password reset question
1256             * @param  answer the user's new password reset answer
1257             * @return the user
1258             * @throws PortalException if a user with the primary key could not be
1259             *         found, if the new question or answer were invalid, or if the
1260             *         current user did not have permission to update the user
1261             * @throws SystemException if a system exception occurred
1262             */
1263            public User updateReminderQuery(long userId, String question, String answer)
1264                    throws PortalException, SystemException {
1265    
1266                    UserPermissionUtil.check(
1267                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1268    
1269                    return userLocalService.updateReminderQuery(userId, question, answer);
1270            }
1271    
1272            /**
1273             * Updates the user's screen name.
1274             *
1275             * @param  userId the primary key of the user
1276             * @param  screenName the user's new screen name
1277             * @return the user
1278             * @throws PortalException if a user with the primary key could not be
1279             *         found, if the new screen name was invalid, or if the current user
1280             *         did not have permission to update the user
1281             * @throws SystemException if a system exception occurred
1282             */
1283            public User updateScreenName(long userId, String screenName)
1284                    throws PortalException, SystemException {
1285    
1286                    UserPermissionUtil.check(
1287                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1288    
1289                    return userLocalService.updateScreenName(userId, screenName);
1290            }
1291    
1292            /**
1293             * Updates the user's workflow status.
1294             *
1295             * @param  userId the primary key of the user
1296             * @param  status the user's new workflow status
1297             * @return the user
1298             * @throws PortalException if a user with the primary key could not be
1299             *         found, if the current user was updating her own status to
1300             *         anything but {@link WorkflowConstants.STATUS_APPROVED}, or if the
1301             *         current user did not have permission to update the user's
1302             *         workflow status.
1303             * @throws SystemException if a system exception occurred
1304             */
1305            public User updateStatus(long userId, int status)
1306                    throws PortalException, SystemException {
1307    
1308                    if ((getUserId() == userId) &&
1309                            (status != WorkflowConstants.STATUS_APPROVED)) {
1310    
1311                            throw new RequiredUserException();
1312                    }
1313    
1314                    UserPermissionUtil.check(
1315                            getPermissionChecker(), userId, ActionKeys.DELETE);
1316    
1317                    return userLocalService.updateStatus(userId, status);
1318            }
1319    
1320            /**
1321             * Updates the user with additional parameters.
1322             *
1323             * @param  userId the primary key of the user
1324             * @param  oldPassword the user's old password
1325             * @param  newPassword1 the user's new password (optionally
1326             *         <code>null</code>)
1327             * @param  newPassword2 the user's new password confirmation (optionally
1328             *         <code>null</code>)
1329             * @param  passwordReset whether the user should be asked to reset their
1330             *         password the next time they login
1331             * @param  reminderQueryQuestion the user's new password reset question
1332             * @param  reminderQueryAnswer the user's new password reset answer
1333             * @param  screenName the user's new screen name
1334             * @param  emailAddress the user's new email address
1335             * @param  facebookId the user's new Facebook ID
1336             * @param  openId the user's new OpenID
1337             * @param  languageId the user's new language ID
1338             * @param  timeZoneId the user's new time zone ID
1339             * @param  greeting the user's new greeting
1340             * @param  comments the user's new comments
1341             * @param  firstName the user's new first name
1342             * @param  middleName the user's new middle name
1343             * @param  lastName the user's new last name
1344             * @param  prefixId the user's new name prefix ID
1345             * @param  suffixId the user's new name suffix ID
1346             * @param  male whether user is male
1347             * @param  birthdayMonth the user's new birthday month (0-based, meaning 0
1348             *         for January)
1349             * @param  birthdayDay the user's new birthday day
1350             * @param  birthdayYear the user's birthday year
1351             * @param  smsSn the user's new SMS screen name
1352             * @param  aimSn the user's new AIM screen name
1353             * @param  facebookSn the user's new Facebook screen name
1354             * @param  icqSn the user's new ICQ screen name
1355             * @param  jabberSn the user's new Jabber screen name
1356             * @param  msnSn the user's new MSN screen name
1357             * @param  mySpaceSn the user's new MySpace screen name
1358             * @param  skypeSn the user's new Skype screen name
1359             * @param  twitterSn the user's new Twitter screen name
1360             * @param  ymSn the user's new Yahoo! Messenger screen name
1361             * @param  jobTitle the user's new job title
1362             * @param  groupIds the primary keys of the user's groups
1363             * @param  organizationIds the primary keys of the user's organizations
1364             * @param  roleIds the primary keys of the user's roles
1365             * @param  userGroupRoles the user user's group roles
1366             * @param  userGroupIds the primary keys of the user's user groups
1367             * @param  addresses the user's addresses
1368             * @param  emailAddresses the user's email addresses
1369             * @param  phones the user's phone numbers
1370             * @param  websites the user's websites
1371             * @param  announcementsDelivers the announcements deliveries
1372             * @param  serviceContext the user's service context (optionally
1373             *         <code>null</code>). Can set the universally unique identifier
1374             *         (with the <code>uuid</code> attribute), asset category IDs, asset
1375             *         tag names, and expando bridge attributes for the user.
1376             * @return the user
1377             * @throws PortalException if a user with the primary key could not be
1378             *         found, if the new information was invalid, or if the current user
1379             *         did not have permission to update the user
1380             * @throws SystemException if a system exception occurred
1381             */
1382            public User updateUser(
1383                            long userId, String oldPassword, String newPassword1,
1384                            String newPassword2, boolean passwordReset,
1385                            String reminderQueryQuestion, String reminderQueryAnswer,
1386                            String screenName, String emailAddress, long facebookId,
1387                            String openId, String languageId, String timeZoneId,
1388                            String greeting, String comments, String firstName,
1389                            String middleName, String lastName, int prefixId, int suffixId,
1390                            boolean male, int birthdayMonth, int birthdayDay, int birthdayYear,
1391                            String smsSn, String aimSn, String facebookSn, String icqSn,
1392                            String jabberSn, String msnSn, String mySpaceSn, String skypeSn,
1393                            String twitterSn, String ymSn, String jobTitle, long[] groupIds,
1394                            long[] organizationIds, long[] roleIds,
1395                            List<UserGroupRole> userGroupRoles, long[] userGroupIds,
1396                            List<Address> addresses, List<EmailAddress> emailAddresses,
1397                            List<Phone> phones, List<Website> websites,
1398                            List<AnnouncementsDelivery> announcementsDelivers,
1399                            ServiceContext serviceContext)
1400                    throws PortalException, SystemException {
1401    
1402                    User user = userPersistence.findByPrimaryKey(userId);
1403    
1404                    UsersAdminUtil.updateAddresses(
1405                            Contact.class.getName(), user.getContactId(), addresses);
1406    
1407                    UsersAdminUtil.updateEmailAddresses(
1408                            Contact.class.getName(), user.getContactId(), emailAddresses);
1409    
1410                    UsersAdminUtil.updatePhones(
1411                            Contact.class.getName(), user.getContactId(), phones);
1412    
1413                    UsersAdminUtil.updateWebsites(
1414                            Contact.class.getName(), user.getContactId(), websites);
1415    
1416                    updateAnnouncementsDeliveries(user.getUserId(), announcementsDelivers);
1417    
1418                    user = updateUser(
1419                            userId, oldPassword, newPassword1, newPassword2, passwordReset,
1420                            reminderQueryQuestion, reminderQueryAnswer, screenName,
1421                            emailAddress, facebookId, openId, languageId, timeZoneId, greeting,
1422                            comments, firstName, middleName, lastName, prefixId, suffixId, male,
1423                            birthdayMonth, birthdayDay, birthdayYear, smsSn, aimSn, facebookSn,
1424                            icqSn, jabberSn, msnSn, mySpaceSn, skypeSn, twitterSn, ymSn,
1425                            jobTitle, groupIds, organizationIds, roleIds,
1426                            userGroupRoles, userGroupIds, serviceContext);
1427    
1428                    return user;
1429            }
1430    
1431            /**
1432             * Updates the user.
1433             *
1434             * @param  userId the primary key of the user
1435             * @param  oldPassword the user's old password
1436             * @param  newPassword1 the user's new password (optionally
1437             *         <code>null</code>)
1438             * @param  newPassword2 the user's new password confirmation (optionally
1439             *         <code>null</code>)
1440             * @param  passwordReset whether the user should be asked to reset their
1441             *         password the next time they login
1442             * @param  reminderQueryQuestion the user's new password reset question
1443             * @param  reminderQueryAnswer the user's new password reset answer
1444             * @param  screenName the user's new screen name
1445             * @param  emailAddress the user's new email address
1446             * @param  facebookId the user's new Facebook ID
1447             * @param  openId the user's new OpenID
1448             * @param  languageId the user's new language ID
1449             * @param  timeZoneId the user's new time zone ID
1450             * @param  greeting the user's new greeting
1451             * @param  comments the user's new comments
1452             * @param  firstName the user's new first name
1453             * @param  middleName the user's new middle name
1454             * @param  lastName the user's new last name
1455             * @param  prefixId the user's new name prefix ID
1456             * @param  suffixId the user's new name suffix ID
1457             * @param  male whether user is male
1458             * @param  birthdayMonth the user's new birthday month (0-based, meaning 0
1459             *         for January)
1460             * @param  birthdayDay the user's new birthday day
1461             * @param  birthdayYear the user's birthday year
1462             * @param  smsSn the user's new SMS screen name
1463             * @param  aimSn the user's new AIM screen name
1464             * @param  facebookSn the user's new Facebook screen name
1465             * @param  icqSn the user's new ICQ screen name
1466             * @param  jabberSn the user's new Jabber screen name
1467             * @param  msnSn the user's new MSN screen name
1468             * @param  mySpaceSn the user's new MySpace screen name
1469             * @param  skypeSn the user's new Skype screen name
1470             * @param  twitterSn the user's new Twitter screen name
1471             * @param  ymSn the user's new Yahoo! Messenger screen name
1472             * @param  jobTitle the user's new job title
1473             * @param  groupIds the primary keys of the user's groups
1474             * @param  organizationIds the primary keys of the user's organizations
1475             * @param  roleIds the primary keys of the user's roles
1476             * @param  userGroupRoles the user user's group roles
1477             * @param  userGroupIds the primary keys of the user's user groups
1478             * @param  serviceContext the user's service context (optionally
1479             *         <code>null</code>). Can set the universally unique identifier
1480             *         (with the <code>uuid</code> attribute), asset category IDs, asset
1481             *         tag names, and expando bridge attributes for the user.
1482             * @return the user
1483             * @throws PortalException if a user with the primary key could not be
1484             *         found, if the new information was invalid, or if the current user
1485             *         did not have permission to update the user
1486             * @throws SystemException if a system exception occurred
1487             */
1488            public User updateUser(
1489                            long userId, String oldPassword, String newPassword1,
1490                            String newPassword2, boolean passwordReset,
1491                            String reminderQueryQuestion, String reminderQueryAnswer,
1492                            String screenName, String emailAddress, long facebookId,
1493                            String openId, String languageId, String timeZoneId,
1494                            String greeting, String comments, String firstName,
1495                            String middleName, String lastName, int prefixId, int suffixId,
1496                            boolean male, int birthdayMonth, int birthdayDay, int birthdayYear,
1497                            String smsSn, String aimSn, String facebookSn, String icqSn,
1498                            String jabberSn, String msnSn, String mySpaceSn, String skypeSn,
1499                            String twitterSn, String ymSn, String jobTitle, long[] groupIds,
1500                            long[] organizationIds, long[] roleIds,
1501                            List<UserGroupRole> userGroupRoles, long[] userGroupIds,
1502                            ServiceContext serviceContext)
1503                    throws PortalException, SystemException {
1504    
1505                    UserPermissionUtil.check(
1506                            getPermissionChecker(), userId, organizationIds, ActionKeys.UPDATE);
1507    
1508                    long curUserId = getUserId();
1509    
1510                    if (curUserId == userId) {
1511                            User user = userPersistence.findByPrimaryKey(userId);
1512    
1513                            screenName = screenName.trim().toLowerCase();
1514    
1515                            if (!screenName.equalsIgnoreCase(user.getScreenName())) {
1516                                    validateScreenName(user, screenName);
1517                            }
1518    
1519                            emailAddress = emailAddress.trim().toLowerCase();
1520    
1521                            if (!emailAddress.equalsIgnoreCase(user.getEmailAddress())) {
1522                                    validateEmailAddress(user, emailAddress);
1523                            }
1524                    }
1525    
1526                    if (groupIds != null) {
1527                            groupIds = checkGroups(userId, groupIds);
1528                    }
1529    
1530                    if (organizationIds != null) {
1531                            organizationIds = checkOrganizations(userId, organizationIds);
1532                    }
1533    
1534                    if (roleIds != null) {
1535                            roleIds = checkRoles(userId, roleIds);
1536                    }
1537    
1538                    if (userGroupRoles != null) {
1539                            userGroupRoles = checkUserGroupRoles(userId, userGroupRoles);
1540                    }
1541    
1542                    return userLocalService.updateUser(
1543                            userId, oldPassword, newPassword1, newPassword2, passwordReset,
1544                            reminderQueryQuestion, reminderQueryAnswer, screenName,
1545                            emailAddress, facebookId, openId, languageId, timeZoneId, greeting,
1546                            comments, firstName, middleName, lastName, prefixId, suffixId, male,
1547                            birthdayMonth, birthdayDay, birthdayYear, smsSn, aimSn, facebookSn,
1548                            icqSn, jabberSn, msnSn, mySpaceSn, skypeSn, twitterSn, ymSn,
1549                            jobTitle, groupIds, organizationIds, roleIds, userGroupRoles,
1550                            userGroupIds, serviceContext);
1551            }
1552    
1553            protected void checkAddUserPermission(
1554                            long creatorUserId, long companyId, String emailAddress,
1555                            long[] organizationIds, ServiceContext serviceContext)
1556                    throws PortalException, SystemException {
1557    
1558                    Company company = companyPersistence.findByPrimaryKey(companyId);
1559    
1560                    boolean anonymousUser = GetterUtil.getBoolean(
1561                            serviceContext.getAttribute("anonymousUser"));
1562    
1563                    if ((creatorUserId != 0) ||
1564                            (!company.isStrangers() && !anonymousUser)) {
1565    
1566                            if (!PortalPermissionUtil.contains(
1567                                            getPermissionChecker(), ActionKeys.ADD_USER) &&
1568                                    !OrganizationPermissionUtil.contains(
1569                                            getPermissionChecker(), organizationIds,
1570                                            ActionKeys.ASSIGN_MEMBERS)) {
1571    
1572                                    throw new PrincipalException();
1573                            }
1574                    }
1575    
1576                    if (creatorUserId == 0) {
1577                            if (!company.isStrangersWithMx() &&
1578                                    company.hasCompanyMx(emailAddress)) {
1579    
1580                                    throw new ReservedUserEmailAddressException();
1581                            }
1582                    }
1583            }
1584    
1585            protected long[] checkGroups(long userId, long[] groupIds)
1586                    throws PortalException, SystemException {
1587    
1588                    // Add back any groups that the administrator does not have the rights
1589                    // to remove and check that he has the permission to add any new group
1590    
1591                    List<Group> oldGroups = groupLocalService.getUserGroups(userId);
1592                    long[] oldGroupIds = new long[oldGroups.size()];
1593    
1594                    for (int i = 0; i < oldGroups.size(); i++) {
1595                            Group group = oldGroups.get(i);
1596    
1597                            if (!ArrayUtil.contains(groupIds, group.getGroupId()) &&
1598                                    !GroupPermissionUtil.contains(
1599                                            getPermissionChecker(), group.getGroupId(),
1600                                            ActionKeys.ASSIGN_MEMBERS)) {
1601    
1602                                    groupIds = ArrayUtil.append(groupIds, group.getGroupId());
1603                            }
1604    
1605                            oldGroupIds[i] = group.getGroupId();
1606                    }
1607    
1608                    for (long groupId : groupIds) {
1609                            if (!ArrayUtil.contains(oldGroupIds, groupId)) {
1610                                    GroupPermissionUtil.check(
1611                                            getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
1612                            }
1613                    }
1614    
1615                    return groupIds;
1616            }
1617    
1618            protected long[] checkOrganizations(long userId, long[] organizationIds)
1619                    throws PortalException, SystemException {
1620    
1621                    // Add back any organizations that the administrator does not have the
1622                    // rights to remove and check that he has the permission to add any new
1623                    // organization
1624    
1625                    List<Organization> oldOrganizations =
1626                            organizationLocalService.getUserOrganizations(userId);
1627                    long[] oldOrganizationIds = new long[oldOrganizations.size()];
1628    
1629                    for (int i = 0; i < oldOrganizations.size(); i++) {
1630                            Organization organization = oldOrganizations.get(i);
1631    
1632                            if (!ArrayUtil.contains(
1633                                            organizationIds, organization.getOrganizationId()) &&
1634                                    !OrganizationPermissionUtil.contains(
1635                                            getPermissionChecker(), organization.getOrganizationId(),
1636                                            ActionKeys.ASSIGN_MEMBERS)) {
1637    
1638                                    organizationIds = ArrayUtil.append(
1639                                            organizationIds, organization.getOrganizationId());
1640                            }
1641    
1642                            oldOrganizationIds[i] = organization.getOrganizationId();
1643                    }
1644    
1645                    for (long organizationId : organizationIds) {
1646                            if (!ArrayUtil.contains(oldOrganizationIds, organizationId)) {
1647                                    OrganizationPermissionUtil.check(
1648                                            getPermissionChecker(), organizationId,
1649                                            ActionKeys.ASSIGN_MEMBERS);
1650                            }
1651                    }
1652    
1653                    return organizationIds;
1654            }
1655    
1656            protected long[] checkRoles(long userId, long[] roleIds)
1657                    throws PrincipalException, SystemException {
1658    
1659                    // Add back any roles that the administrator does not have the rights to
1660                    // remove and check that he has the permission to add any new role
1661    
1662                    List<Role> oldRoles = roleLocalService.getUserRoles(userId);
1663                    long[] oldRoleIds = new long[oldRoles.size()];
1664    
1665                    for (int i = 0; i < oldRoles.size(); i++) {
1666                            Role role = oldRoles.get(i);
1667    
1668                            if (!ArrayUtil.contains(roleIds, role.getRoleId()) &&
1669                                    !RolePermissionUtil.contains(
1670                                            getPermissionChecker(), role.getRoleId(),
1671                                            ActionKeys.ASSIGN_MEMBERS)) {
1672    
1673                                    roleIds = ArrayUtil.append(roleIds, role.getRoleId());
1674                            }
1675    
1676                            oldRoleIds[i] = role.getRoleId();
1677                    }
1678    
1679                    for (long roleId : roleIds) {
1680                            if (!ArrayUtil.contains(oldRoleIds, roleId)) {
1681                                    RolePermissionUtil.check(
1682                                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
1683                            }
1684                    }
1685    
1686                    return roleIds;
1687            }
1688    
1689            protected List<UserGroupRole> checkUserGroupRoles(
1690                            long userId, List<UserGroupRole> userGroupRoles)
1691                    throws PortalException, SystemException {
1692    
1693                    // Add back any group roles that the administrator does not have the
1694                    // rights to remove
1695    
1696                    List<UserGroupRole> oldUserGroupRoles =
1697                            userGroupRoleLocalService.getUserGroupRoles(userId);
1698    
1699                    for (UserGroupRole oldUserGroupRole : oldUserGroupRoles) {
1700                            if (!userGroupRoles.contains(oldUserGroupRole) &&
1701                                    !UserGroupRolePermissionUtil.contains(
1702                                            getPermissionChecker(), oldUserGroupRole.getGroupId(),
1703                                            oldUserGroupRole.getRoleId())) {
1704    
1705                                    userGroupRoles.add(oldUserGroupRole);
1706                            }
1707                    }
1708    
1709                    for (UserGroupRole userGroupRole : userGroupRoles) {
1710                            if (!oldUserGroupRoles.contains(userGroupRole)) {
1711                                    UserGroupRolePermissionUtil.check(
1712                                            getPermissionChecker(), userGroupRole.getGroupId(),
1713                                            userGroupRole.getRoleId());
1714                            }
1715                    }
1716    
1717                    return userGroupRoles;
1718            }
1719    
1720            protected void updateAnnouncementsDeliveries(
1721                            long userId, List<AnnouncementsDelivery> announcementsDeliveries)
1722                    throws PortalException, SystemException {
1723    
1724                    for (AnnouncementsDelivery announcementsDelivery :
1725                                    announcementsDeliveries) {
1726    
1727                            announcementsDeliveryService.updateDelivery(
1728                                    userId, announcementsDelivery.getType(),
1729                                    announcementsDelivery.getEmail(),
1730                                    announcementsDelivery.getSms(),
1731                                    announcementsDelivery.getWebsite());
1732                    }
1733            }
1734    
1735            protected void validateEmailAddress(User user, String emailAddress)
1736                    throws PortalException, SystemException {
1737    
1738                    PermissionChecker permissionChecker = getPermissionChecker();
1739    
1740                    if (!UsersAdminUtil.hasUpdateEmailAddress(permissionChecker, user)) {
1741                            throw new UserEmailAddressException();
1742                    }
1743    
1744                    if (!user.hasCompanyMx() && user.hasCompanyMx(emailAddress)) {
1745                            Company company = companyPersistence.findByPrimaryKey(
1746                                    user.getCompanyId());
1747    
1748                            if (!company.isStrangersWithMx()) {
1749                                    throw new ReservedUserEmailAddressException();
1750                            }
1751                    }
1752            }
1753    
1754            protected void validateOrganizationUsers(long[] userIds)
1755                    throws PortalException, SystemException {
1756    
1757                    PermissionChecker permissionChecker = getPermissionChecker();
1758    
1759                    if (!PropsValues.ORGANIZATIONS_ASSIGNMENT_STRICT ||
1760                            permissionChecker.isCompanyAdmin()) {
1761    
1762                            return;
1763                    }
1764    
1765                    List<Organization> organizations =
1766                            organizationLocalService.getUserOrganizations(
1767                                    permissionChecker.getUserId());
1768    
1769                    for (long userId : userIds) {
1770                            boolean allowed = false;
1771    
1772                            for (Organization organization : organizations) {
1773                                    boolean manageUsers = OrganizationPermissionUtil.contains(
1774                                            permissionChecker, organization, ActionKeys.MANAGE_USERS);
1775                                    boolean manageSuborganizations =
1776                                            OrganizationPermissionUtil.contains(
1777                                                    permissionChecker, organization,
1778                                                    ActionKeys.MANAGE_SUBORGANIZATIONS);
1779    
1780                                    if (!manageUsers && !manageSuborganizations) {
1781                                            continue;
1782                                    }
1783    
1784                                    boolean inherited = false;
1785                                    boolean includeSpecifiedOrganization = false;
1786    
1787                                    if (manageUsers && manageSuborganizations) {
1788                                            inherited = true;
1789                                            includeSpecifiedOrganization = true;
1790                                    }
1791                                    else if (!manageUsers && manageSuborganizations) {
1792                                            inherited = true;
1793                                            includeSpecifiedOrganization = false;
1794                                    }
1795    
1796                                    if (organizationLocalService.hasUserOrganization(
1797                                                    userId, organization.getOrganizationId(), inherited,
1798                                                    includeSpecifiedOrganization)) {
1799    
1800                                            allowed = true;
1801    
1802                                            break;
1803                                    }
1804                            }
1805    
1806                            if (!allowed) {
1807                                    throw new PrincipalException();
1808                            }
1809                    }
1810            }
1811    
1812            protected void validateScreenName(User user, String screenName)
1813                    throws PortalException, SystemException {
1814    
1815                    PermissionChecker permissionChecker = getPermissionChecker();
1816    
1817                    if (!UsersAdminUtil.hasUpdateScreenName(permissionChecker, user)) {
1818                            throw new UserScreenNameException();
1819                    }
1820            }
1821    
1822    }