001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.DuplicatePasswordPolicyException;
018 import com.liferay.portal.PasswordPolicyNameException;
019 import com.liferay.portal.RequiredPasswordPolicyException;
020 import com.liferay.portal.kernel.cache.ThreadLocalCachable;
021 import com.liferay.portal.kernel.exception.PortalException;
022 import com.liferay.portal.kernel.exception.SystemException;
023 import com.liferay.portal.kernel.systemevent.SystemEvent;
024 import com.liferay.portal.kernel.util.CharPool;
025 import com.liferay.portal.kernel.util.OrderByComparator;
026 import com.liferay.portal.kernel.util.Validator;
027 import com.liferay.portal.model.Organization;
028 import com.liferay.portal.model.PasswordPolicy;
029 import com.liferay.portal.model.PasswordPolicyRel;
030 import com.liferay.portal.model.ResourceConstants;
031 import com.liferay.portal.model.SystemEventConstants;
032 import com.liferay.portal.model.User;
033 import com.liferay.portal.security.auth.CompanyThreadLocal;
034 import com.liferay.portal.security.ldap.LDAPSettingsUtil;
035 import com.liferay.portal.service.ServiceContext;
036 import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
037 import com.liferay.portal.util.PropsValues;
038
039 import java.util.Date;
040 import java.util.List;
041
042
045 public class PasswordPolicyLocalServiceImpl
046 extends PasswordPolicyLocalServiceBaseImpl {
047
048
055 @Override
056 public PasswordPolicy addPasswordPolicy(
057 long userId, boolean defaultPolicy, String name, String description,
058 boolean changeable, boolean changeRequired, long minAge,
059 boolean checkSyntax, boolean allowDictionaryWords,
060 int minAlphanumeric, int minLength, int minLowerCase,
061 int minNumbers, int minSymbols, int minUpperCase, boolean history,
062 int historyCount, boolean expireable, long maxAge, long warningTime,
063 int graceLimit, boolean lockout, int maxFailure,
064 long lockoutDuration, long resetFailureCount,
065 long resetTicketMaxAge)
066 throws PortalException, SystemException {
067
068 return addPasswordPolicy(
069 userId, defaultPolicy, name, description, changeable,
070 changeRequired, minAge, checkSyntax, allowDictionaryWords,
071 minAlphanumeric, minLength, minLowerCase, minNumbers, minSymbols,
072 minUpperCase, null, history, historyCount, expireable, maxAge,
073 warningTime, graceLimit, lockout, maxFailure, lockoutDuration,
074 resetFailureCount, resetTicketMaxAge, new ServiceContext());
075 }
076
077 @Override
078 public PasswordPolicy addPasswordPolicy(
079 long userId, boolean defaultPolicy, String name, String description,
080 boolean changeable, boolean changeRequired, long minAge,
081 boolean checkSyntax, boolean allowDictionaryWords,
082 int minAlphanumeric, int minLength, int minLowerCase,
083 int minNumbers, int minSymbols, int minUpperCase, String regex,
084 boolean history, int historyCount, boolean expireable, long maxAge,
085 long warningTime, int graceLimit, boolean lockout, int maxFailure,
086 long lockoutDuration, long resetFailureCount,
087 long resetTicketMaxAge, ServiceContext serviceContext)
088 throws PortalException, SystemException {
089
090
091
092 User user = userPersistence.findByPrimaryKey(userId);
093 Date now = new Date();
094
095 validate(0, user.getCompanyId(), name);
096
097 long passwordPolicyId = counterLocalService.increment();
098
099 PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
100 passwordPolicyId);
101
102 passwordPolicy.setUuid(serviceContext.getUuid());
103 passwordPolicy.setCompanyId(user.getCompanyId());
104 passwordPolicy.setUserId(userId);
105 passwordPolicy.setUserName(user.getFullName());
106 passwordPolicy.setCreateDate(serviceContext.getCreateDate(now));
107 passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
108 passwordPolicy.setDefaultPolicy(defaultPolicy);
109 passwordPolicy.setName(name);
110 passwordPolicy.setDescription(description);
111 passwordPolicy.setChangeable(changeable);
112 passwordPolicy.setChangeRequired(changeRequired);
113 passwordPolicy.setMinAge(minAge);
114 passwordPolicy.setCheckSyntax(checkSyntax);
115 passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
116 passwordPolicy.setMinAlphanumeric(minAlphanumeric);
117 passwordPolicy.setMinLength(minLength);
118 passwordPolicy.setMinLowerCase(minLowerCase);
119 passwordPolicy.setMinNumbers(minNumbers);
120 passwordPolicy.setMinSymbols(minSymbols);
121 passwordPolicy.setMinUpperCase(minUpperCase);
122 passwordPolicy.setRegex(regex);
123 passwordPolicy.setHistory(history);
124 passwordPolicy.setHistoryCount(historyCount);
125 passwordPolicy.setExpireable(expireable);
126 passwordPolicy.setMaxAge(maxAge);
127 passwordPolicy.setWarningTime(warningTime);
128 passwordPolicy.setGraceLimit(graceLimit);
129 passwordPolicy.setLockout(lockout);
130 passwordPolicy.setMaxFailure(maxFailure);
131 passwordPolicy.setLockoutDuration(lockoutDuration);
132 passwordPolicy.setRequireUnlock(lockoutDuration == 0);
133 passwordPolicy.setResetFailureCount(resetFailureCount);
134 passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
135 passwordPolicy.setExpandoBridgeAttributes(serviceContext);
136
137 passwordPolicyPersistence.update(passwordPolicy);
138
139
140
141 if (!user.isDefaultUser()) {
142 resourceLocalService.addResources(
143 user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
144 passwordPolicy.getPasswordPolicyId(), false, false, false);
145 }
146
147 return passwordPolicy;
148 }
149
150 @Override
151 public void checkDefaultPasswordPolicy(long companyId)
152 throws PortalException, SystemException {
153
154 String defaultPasswordPolicyName =
155 PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
156
157 PasswordPolicy defaultPasswordPolicy =
158 passwordPolicyPersistence.fetchByC_N(
159 companyId, defaultPasswordPolicyName);
160
161 if (defaultPasswordPolicy == null) {
162 long defaultUserId = userLocalService.getDefaultUserId(companyId);
163
164 addPasswordPolicy(
165 defaultUserId, true, defaultPasswordPolicyName,
166 defaultPasswordPolicyName,
167 PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
168 PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
169 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
170 PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
171 PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
172 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
173 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
174 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
175 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
176 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
177 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
178 PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
179 PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
180 PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
181 PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
182 PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
183 PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
184 PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
185 PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
186 PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
187 PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
188 PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
189 PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE,
190 new ServiceContext());
191 }
192 }
193
194 @Override
195 public void deleteNondefaultPasswordPolicies(long companyId)
196 throws PortalException, SystemException {
197
198 List<PasswordPolicy> passwordPolicies =
199 passwordPolicyPersistence.findByCompanyId(companyId);
200
201 for (PasswordPolicy passwordPolicy : passwordPolicies) {
202 if (!passwordPolicy.isDefaultPolicy()) {
203 passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
204 }
205 }
206 }
207
208 @Override
209 public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
210 throws PortalException, SystemException {
211
212 PasswordPolicy passwordPolicy =
213 passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
214
215 return passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
216 }
217
218 @Override
219 @SystemEvent(
220 action = SystemEventConstants.ACTION_SKIP,
221 type = SystemEventConstants.TYPE_DELETE)
222 public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
223 throws PortalException, SystemException {
224
225 if (passwordPolicy.isDefaultPolicy() &&
226 !CompanyThreadLocal.isDeleteInProcess()) {
227
228 throw new RequiredPasswordPolicyException();
229 }
230
231
232
233 passwordPolicyRelLocalService.deletePasswordPolicyRels(
234 passwordPolicy.getPasswordPolicyId());
235
236
237
238 resourceLocalService.deleteResource(
239 passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
240 ResourceConstants.SCOPE_INDIVIDUAL,
241 passwordPolicy.getPasswordPolicyId());
242
243
244
245 return passwordPolicyPersistence.remove(passwordPolicy);
246 }
247
248 @Override
249 public PasswordPolicy fetchPasswordPolicy(long companyId, String name)
250 throws SystemException {
251
252 return passwordPolicyPersistence.fetchByC_N(companyId, name);
253 }
254
255 @Override
256 public PasswordPolicy getDefaultPasswordPolicy(long companyId)
257 throws PortalException, SystemException {
258
259 if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
260 return null;
261 }
262
263 return passwordPolicyPersistence.findByC_DP(companyId, true);
264 }
265
266
269 @Override
270 public PasswordPolicy getPasswordPolicy(
271 long companyId, long organizationId, long locationId)
272 throws PortalException, SystemException {
273
274 return getPasswordPolicy(
275 companyId, new long[] {organizationId, locationId});
276 }
277
278 @Override
279 public PasswordPolicy getPasswordPolicy(
280 long companyId, long[] organizationIds)
281 throws PortalException, SystemException {
282
283 if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
284 return null;
285 }
286
287 if ((organizationIds == null) || (organizationIds.length == 0)) {
288 return getDefaultPasswordPolicy(companyId);
289 }
290
291 long classNameId = classNameLocalService.getClassNameId(
292 Organization.class.getName());
293
294 PasswordPolicyRel passwordPolicyRel = null;
295
296 for (int i = 0; i < organizationIds.length; i++) {
297 long organizationId = organizationIds[i];
298
299 passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
300 classNameId, organizationId);
301
302 if (passwordPolicyRel != null) {
303 return passwordPolicyPersistence.findByPrimaryKey(
304 passwordPolicyRel.getPasswordPolicyId());
305 }
306 }
307
308 return getDefaultPasswordPolicy(companyId);
309 }
310
311 @Override
312 @ThreadLocalCachable
313 public PasswordPolicy getPasswordPolicyByUserId(long userId)
314 throws PortalException, SystemException {
315
316 User user = userPersistence.findByPrimaryKey(userId);
317
318 if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
319 return null;
320 }
321
322 long classNameId = classNameLocalService.getClassNameId(
323 User.class.getName());
324
325 PasswordPolicyRel passwordPolicyRel =
326 passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
327
328 if (passwordPolicyRel != null) {
329 return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
330 }
331 else {
332 List<Organization> organizations = userPersistence.getOrganizations(
333 userId);
334
335 if (organizations.isEmpty()) {
336 return passwordPolicyPersistence.findByC_DP(
337 user.getCompanyId(), true);
338 }
339
340 long[] organizationIds = new long[organizations.size()];
341
342 for (int i = 0; i < organizationIds.length; i++) {
343 Organization organization = organizations.get(i);
344
345 organizationIds[i] = organization.getOrganizationId();
346 }
347
348 return getPasswordPolicy(user.getCompanyId(), organizationIds);
349 }
350 }
351
352 @Override
353 public List<PasswordPolicy> search(
354 long companyId, String name, int start, int end,
355 OrderByComparator obc)
356 throws SystemException {
357
358 return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
359 }
360
361 @Override
362 public int searchCount(long companyId, String name) throws SystemException {
363 return passwordPolicyFinder.countByC_N(companyId, name);
364 }
365
366
373 @Override
374 public PasswordPolicy updatePasswordPolicy(
375 long passwordPolicyId, String name, String description,
376 boolean changeable, boolean changeRequired, long minAge,
377 boolean checkSyntax, boolean allowDictionaryWords,
378 int minAlphanumeric, int minLength, int minLowerCase,
379 int minNumbers, int minSymbols, int minUpperCase, boolean history,
380 int historyCount, boolean expireable, long maxAge, long warningTime,
381 int graceLimit, boolean lockout, int maxFailure,
382 long lockoutDuration, long resetFailureCount,
383 long resetTicketMaxAge)
384 throws PortalException, SystemException {
385
386 return updatePasswordPolicy(
387 passwordPolicyId, name, description, changeable, changeRequired,
388 minAge, checkSyntax, allowDictionaryWords, minAlphanumeric,
389 minLength, minLowerCase, minNumbers, minSymbols, minUpperCase, null,
390 history, historyCount, expireable, maxAge, warningTime, graceLimit,
391 lockout, maxFailure, lockoutDuration, resetFailureCount,
392 resetTicketMaxAge, new ServiceContext());
393 }
394
395 @Override
396 public PasswordPolicy updatePasswordPolicy(
397 long passwordPolicyId, String name, String description,
398 boolean changeable, boolean changeRequired, long minAge,
399 boolean checkSyntax, boolean allowDictionaryWords,
400 int minAlphanumeric, int minLength, int minLowerCase,
401 int minNumbers, int minSymbols, int minUpperCase, String regex,
402 boolean history, int historyCount, boolean expireable, long maxAge,
403 long warningTime, int graceLimit, boolean lockout, int maxFailure,
404 long lockoutDuration, long resetFailureCount,
405 long resetTicketMaxAge, ServiceContext serviceContext)
406 throws PortalException, SystemException {
407
408 Date now = new Date();
409
410 PasswordPolicy passwordPolicy =
411 passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
412
413 if (!passwordPolicy.getDefaultPolicy()) {
414 validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
415
416 passwordPolicy.setName(name);
417 }
418
419 passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
420 passwordPolicy.setDescription(description);
421 passwordPolicy.setChangeable(changeable);
422 passwordPolicy.setChangeRequired(changeRequired);
423 passwordPolicy.setMinAge(minAge);
424 passwordPolicy.setCheckSyntax(checkSyntax);
425 passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
426 passwordPolicy.setMinAlphanumeric(minAlphanumeric);
427 passwordPolicy.setMinLength(minLength);
428 passwordPolicy.setMinLowerCase(minLowerCase);
429 passwordPolicy.setMinNumbers(minNumbers);
430 passwordPolicy.setMinSymbols(minSymbols);
431 passwordPolicy.setMinUpperCase(minUpperCase);
432 passwordPolicy.setRegex(regex);
433 passwordPolicy.setHistory(history);
434 passwordPolicy.setHistoryCount(historyCount);
435 passwordPolicy.setExpireable(expireable);
436 passwordPolicy.setMaxAge(maxAge);
437 passwordPolicy.setWarningTime(warningTime);
438 passwordPolicy.setGraceLimit(graceLimit);
439 passwordPolicy.setLockout(lockout);
440 passwordPolicy.setMaxFailure(maxFailure);
441 passwordPolicy.setLockoutDuration(lockoutDuration);
442 passwordPolicy.setRequireUnlock(lockoutDuration == 0);
443 passwordPolicy.setResetFailureCount(resetFailureCount);
444 passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
445 passwordPolicy.setExpandoBridgeAttributes(serviceContext);
446
447 passwordPolicyPersistence.update(passwordPolicy);
448
449 return passwordPolicy;
450 }
451
452 protected void validate(long passwordPolicyId, long companyId, String name)
453 throws PortalException, SystemException {
454
455 if (Validator.isNull(name) || Validator.isNumber(name) ||
456 (name.indexOf(CharPool.COMMA) != -1) ||
457 (name.indexOf(CharPool.STAR) != -1)) {
458
459 throw new PasswordPolicyNameException();
460 }
461
462 PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
463 companyId, name);
464
465 if (passwordPolicy != null) {
466 if ((passwordPolicyId <= 0) ||
467 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
468
469 throw new DuplicatePasswordPolicyException();
470 }
471 }
472 }
473
474 }