001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.DuplicatePasswordPolicyException;
018    import com.liferay.portal.PasswordPolicyNameException;
019    import com.liferay.portal.RequiredPasswordPolicyException;
020    import com.liferay.portal.kernel.cache.ThreadLocalCachable;
021    import com.liferay.portal.kernel.exception.PortalException;
022    import com.liferay.portal.kernel.exception.SystemException;
023    import com.liferay.portal.kernel.systemevent.SystemEvent;
024    import com.liferay.portal.kernel.util.CharPool;
025    import com.liferay.portal.kernel.util.OrderByComparator;
026    import com.liferay.portal.kernel.util.Validator;
027    import com.liferay.portal.model.Organization;
028    import com.liferay.portal.model.PasswordPolicy;
029    import com.liferay.portal.model.PasswordPolicyRel;
030    import com.liferay.portal.model.ResourceConstants;
031    import com.liferay.portal.model.SystemEventConstants;
032    import com.liferay.portal.model.User;
033    import com.liferay.portal.security.auth.CompanyThreadLocal;
034    import com.liferay.portal.security.ldap.LDAPSettingsUtil;
035    import com.liferay.portal.service.ServiceContext;
036    import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
037    import com.liferay.portal.util.PropsValues;
038    
039    import java.util.Date;
040    import java.util.List;
041    
042    /**
043     * @author Scott Lee
044     */
045    public class PasswordPolicyLocalServiceImpl
046            extends PasswordPolicyLocalServiceBaseImpl {
047    
048            /**
049             * @deprecated As of 6.2.0, replaced by {@link #addPasswordPolicy(long,
050             *             boolean, String, String, boolean, boolean, long, boolean,
051             *             boolean, int, int, int, int, int, int, String, boolean, int,
052             *             boolean, long, long, int, boolean, int, long, long, long,
053             *             ServiceContext)}
054             */
055            @Override
056            public PasswordPolicy addPasswordPolicy(
057                            long userId, boolean defaultPolicy, String name, String description,
058                            boolean changeable, boolean changeRequired, long minAge,
059                            boolean checkSyntax, boolean allowDictionaryWords,
060                            int minAlphanumeric, int minLength, int minLowerCase,
061                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
062                            int historyCount, boolean expireable, long maxAge, long warningTime,
063                            int graceLimit, boolean lockout, int maxFailure,
064                            long lockoutDuration, long resetFailureCount,
065                            long resetTicketMaxAge)
066                    throws PortalException, SystemException {
067    
068                    return addPasswordPolicy(
069                            userId, defaultPolicy, name, description, changeable,
070                            changeRequired, minAge, checkSyntax, allowDictionaryWords,
071                            minAlphanumeric, minLength, minLowerCase, minNumbers, minSymbols,
072                            minUpperCase, null, history, historyCount, expireable, maxAge,
073                            warningTime, graceLimit, lockout, maxFailure, lockoutDuration,
074                            resetFailureCount, resetTicketMaxAge, new ServiceContext());
075            }
076    
077            @Override
078            public PasswordPolicy addPasswordPolicy(
079                            long userId, boolean defaultPolicy, String name, String description,
080                            boolean changeable, boolean changeRequired, long minAge,
081                            boolean checkSyntax, boolean allowDictionaryWords,
082                            int minAlphanumeric, int minLength, int minLowerCase,
083                            int minNumbers, int minSymbols, int minUpperCase, String regex,
084                            boolean history, int historyCount, boolean expireable, long maxAge,
085                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
086                            long lockoutDuration, long resetFailureCount,
087                            long resetTicketMaxAge, ServiceContext serviceContext)
088                    throws PortalException, SystemException {
089    
090                    // Password policy
091    
092                    User user = userPersistence.findByPrimaryKey(userId);
093                    Date now = new Date();
094    
095                    validate(0, user.getCompanyId(), name);
096    
097                    long passwordPolicyId = counterLocalService.increment();
098    
099                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
100                            passwordPolicyId);
101    
102                    passwordPolicy.setUuid(serviceContext.getUuid());
103                    passwordPolicy.setCompanyId(user.getCompanyId());
104                    passwordPolicy.setUserId(userId);
105                    passwordPolicy.setUserName(user.getFullName());
106                    passwordPolicy.setCreateDate(serviceContext.getCreateDate(now));
107                    passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
108                    passwordPolicy.setDefaultPolicy(defaultPolicy);
109                    passwordPolicy.setName(name);
110                    passwordPolicy.setDescription(description);
111                    passwordPolicy.setChangeable(changeable);
112                    passwordPolicy.setChangeRequired(changeRequired);
113                    passwordPolicy.setMinAge(minAge);
114                    passwordPolicy.setCheckSyntax(checkSyntax);
115                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
116                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
117                    passwordPolicy.setMinLength(minLength);
118                    passwordPolicy.setMinLowerCase(minLowerCase);
119                    passwordPolicy.setMinNumbers(minNumbers);
120                    passwordPolicy.setMinSymbols(minSymbols);
121                    passwordPolicy.setMinUpperCase(minUpperCase);
122                    passwordPolicy.setRegex(regex);
123                    passwordPolicy.setHistory(history);
124                    passwordPolicy.setHistoryCount(historyCount);
125                    passwordPolicy.setExpireable(expireable);
126                    passwordPolicy.setMaxAge(maxAge);
127                    passwordPolicy.setWarningTime(warningTime);
128                    passwordPolicy.setGraceLimit(graceLimit);
129                    passwordPolicy.setLockout(lockout);
130                    passwordPolicy.setMaxFailure(maxFailure);
131                    passwordPolicy.setLockoutDuration(lockoutDuration);
132                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
133                    passwordPolicy.setResetFailureCount(resetFailureCount);
134                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
135                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
136    
137                    passwordPolicyPersistence.update(passwordPolicy);
138    
139                    // Resources
140    
141                    if (!user.isDefaultUser()) {
142                            resourceLocalService.addResources(
143                                    user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
144                                    passwordPolicy.getPasswordPolicyId(), false, false, false);
145                    }
146    
147                    return passwordPolicy;
148            }
149    
150            @Override
151            public void checkDefaultPasswordPolicy(long companyId)
152                    throws PortalException, SystemException {
153    
154                    String defaultPasswordPolicyName =
155                            PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
156    
157                    PasswordPolicy defaultPasswordPolicy =
158                            passwordPolicyPersistence.fetchByC_N(
159                                    companyId, defaultPasswordPolicyName);
160    
161                    if (defaultPasswordPolicy == null) {
162                            long defaultUserId = userLocalService.getDefaultUserId(companyId);
163    
164                            addPasswordPolicy(
165                                    defaultUserId, true, defaultPasswordPolicyName,
166                                    defaultPasswordPolicyName,
167                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
168                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
169                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
170                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
171                                    PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
172                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
173                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
174                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
175                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
176                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
177                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
178                                    PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
179                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
180                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
181                                    PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
182                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
183                                    PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
184                                    PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
185                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
186                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
187                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
188                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
189                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE,
190                                    new ServiceContext());
191                    }
192            }
193    
194            @Override
195            public void deleteNondefaultPasswordPolicies(long companyId)
196                    throws PortalException, SystemException {
197    
198                    List<PasswordPolicy> passwordPolicies =
199                            passwordPolicyPersistence.findByCompanyId(companyId);
200    
201                    for (PasswordPolicy passwordPolicy : passwordPolicies) {
202                            if (!passwordPolicy.isDefaultPolicy()) {
203                                    passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
204                            }
205                    }
206            }
207    
208            @Override
209            public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
210                    throws PortalException, SystemException {
211    
212                    PasswordPolicy passwordPolicy =
213                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
214    
215                    return passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
216            }
217    
218            @Override
219            @SystemEvent(
220                    action = SystemEventConstants.ACTION_SKIP,
221                    type = SystemEventConstants.TYPE_DELETE)
222            public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
223                    throws PortalException, SystemException {
224    
225                    if (passwordPolicy.isDefaultPolicy() &&
226                            !CompanyThreadLocal.isDeleteInProcess()) {
227    
228                            throw new RequiredPasswordPolicyException();
229                    }
230    
231                    // Password policy relations
232    
233                    passwordPolicyRelLocalService.deletePasswordPolicyRels(
234                            passwordPolicy.getPasswordPolicyId());
235    
236                    // Resources
237    
238                    resourceLocalService.deleteResource(
239                            passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
240                            ResourceConstants.SCOPE_INDIVIDUAL,
241                            passwordPolicy.getPasswordPolicyId());
242    
243                    // Password policy
244    
245                    return passwordPolicyPersistence.remove(passwordPolicy);
246            }
247    
248            @Override
249            public PasswordPolicy fetchPasswordPolicy(long companyId, String name)
250                    throws SystemException {
251    
252                    return passwordPolicyPersistence.fetchByC_N(companyId, name);
253            }
254    
255            @Override
256            public PasswordPolicy getDefaultPasswordPolicy(long companyId)
257                    throws PortalException, SystemException {
258    
259                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
260                            return null;
261                    }
262    
263                    return passwordPolicyPersistence.findByC_DP(companyId, true);
264            }
265    
266            /**
267             * @deprecated As of 6.1.0
268             */
269            @Override
270            public PasswordPolicy getPasswordPolicy(
271                            long companyId, long organizationId, long locationId)
272                    throws PortalException, SystemException {
273    
274                    return getPasswordPolicy(
275                            companyId, new long[] {organizationId, locationId});
276            }
277    
278            @Override
279            public PasswordPolicy getPasswordPolicy(
280                            long companyId, long[] organizationIds)
281                    throws PortalException, SystemException {
282    
283                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
284                            return null;
285                    }
286    
287                    if ((organizationIds == null) || (organizationIds.length == 0)) {
288                            return getDefaultPasswordPolicy(companyId);
289                    }
290    
291                    long classNameId = classNameLocalService.getClassNameId(
292                            Organization.class.getName());
293    
294                    PasswordPolicyRel passwordPolicyRel = null;
295    
296                    for (int i = 0; i < organizationIds.length; i++) {
297                            long organizationId = organizationIds[i];
298    
299                            passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
300                                    classNameId, organizationId);
301    
302                            if (passwordPolicyRel != null) {
303                                    return passwordPolicyPersistence.findByPrimaryKey(
304                                            passwordPolicyRel.getPasswordPolicyId());
305                            }
306                    }
307    
308                    return getDefaultPasswordPolicy(companyId);
309            }
310    
311            @Override
312            @ThreadLocalCachable
313            public PasswordPolicy getPasswordPolicyByUserId(long userId)
314                    throws PortalException, SystemException {
315    
316                    User user = userPersistence.findByPrimaryKey(userId);
317    
318                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
319                            return null;
320                    }
321    
322                    long classNameId = classNameLocalService.getClassNameId(
323                            User.class.getName());
324    
325                    PasswordPolicyRel passwordPolicyRel =
326                            passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
327    
328                    if (passwordPolicyRel != null) {
329                            return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
330                    }
331                    else {
332                            List<Organization> organizations = userPersistence.getOrganizations(
333                                    userId);
334    
335                            if (organizations.isEmpty()) {
336                                    return passwordPolicyPersistence.findByC_DP(
337                                            user.getCompanyId(), true);
338                            }
339    
340                            long[] organizationIds = new long[organizations.size()];
341    
342                            for (int i = 0; i < organizationIds.length; i++) {
343                                    Organization organization = organizations.get(i);
344    
345                                    organizationIds[i] = organization.getOrganizationId();
346                            }
347    
348                            return getPasswordPolicy(user.getCompanyId(), organizationIds);
349                    }
350            }
351    
352            @Override
353            public List<PasswordPolicy> search(
354                            long companyId, String name, int start, int end,
355                            OrderByComparator obc)
356                    throws SystemException {
357    
358                    return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
359            }
360    
361            @Override
362            public int searchCount(long companyId, String name) throws SystemException {
363                    return passwordPolicyFinder.countByC_N(companyId, name);
364            }
365    
366            /**
367             * @deprecated As of 6.2.0, replaced by {@link #updatePasswordPolicy(long,
368             *             String, String, boolean, boolean, long, boolean, boolean,
369             *             int, int, int, int, int, int, String, boolean, int, boolean,
370             *             long, long, int, boolean, int, long, long, long,
371             *             ServiceContext)}
372             */
373            @Override
374            public PasswordPolicy updatePasswordPolicy(
375                            long passwordPolicyId, String name, String description,
376                            boolean changeable, boolean changeRequired, long minAge,
377                            boolean checkSyntax, boolean allowDictionaryWords,
378                            int minAlphanumeric, int minLength, int minLowerCase,
379                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
380                            int historyCount, boolean expireable, long maxAge, long warningTime,
381                            int graceLimit, boolean lockout, int maxFailure,
382                            long lockoutDuration, long resetFailureCount,
383                            long resetTicketMaxAge)
384                    throws PortalException, SystemException {
385    
386                    return updatePasswordPolicy(
387                            passwordPolicyId, name, description, changeable, changeRequired,
388                            minAge, checkSyntax, allowDictionaryWords, minAlphanumeric,
389                            minLength, minLowerCase, minNumbers, minSymbols, minUpperCase, null,
390                            history, historyCount, expireable, maxAge, warningTime, graceLimit,
391                            lockout, maxFailure, lockoutDuration, resetFailureCount,
392                            resetTicketMaxAge, new ServiceContext());
393            }
394    
395            @Override
396            public PasswordPolicy updatePasswordPolicy(
397                            long passwordPolicyId, String name, String description,
398                            boolean changeable, boolean changeRequired, long minAge,
399                            boolean checkSyntax, boolean allowDictionaryWords,
400                            int minAlphanumeric, int minLength, int minLowerCase,
401                            int minNumbers, int minSymbols, int minUpperCase, String regex,
402                            boolean history, int historyCount, boolean expireable, long maxAge,
403                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
404                            long lockoutDuration, long resetFailureCount,
405                            long resetTicketMaxAge, ServiceContext serviceContext)
406                    throws PortalException, SystemException {
407    
408                    Date now = new Date();
409    
410                    PasswordPolicy passwordPolicy =
411                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
412    
413                    if (!passwordPolicy.getDefaultPolicy()) {
414                            validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
415    
416                            passwordPolicy.setName(name);
417                    }
418    
419                    passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
420                    passwordPolicy.setDescription(description);
421                    passwordPolicy.setChangeable(changeable);
422                    passwordPolicy.setChangeRequired(changeRequired);
423                    passwordPolicy.setMinAge(minAge);
424                    passwordPolicy.setCheckSyntax(checkSyntax);
425                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
426                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
427                    passwordPolicy.setMinLength(minLength);
428                    passwordPolicy.setMinLowerCase(minLowerCase);
429                    passwordPolicy.setMinNumbers(minNumbers);
430                    passwordPolicy.setMinSymbols(minSymbols);
431                    passwordPolicy.setMinUpperCase(minUpperCase);
432                    passwordPolicy.setRegex(regex);
433                    passwordPolicy.setHistory(history);
434                    passwordPolicy.setHistoryCount(historyCount);
435                    passwordPolicy.setExpireable(expireable);
436                    passwordPolicy.setMaxAge(maxAge);
437                    passwordPolicy.setWarningTime(warningTime);
438                    passwordPolicy.setGraceLimit(graceLimit);
439                    passwordPolicy.setLockout(lockout);
440                    passwordPolicy.setMaxFailure(maxFailure);
441                    passwordPolicy.setLockoutDuration(lockoutDuration);
442                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
443                    passwordPolicy.setResetFailureCount(resetFailureCount);
444                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
445                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
446    
447                    passwordPolicyPersistence.update(passwordPolicy);
448    
449                    return passwordPolicy;
450            }
451    
452            protected void validate(long passwordPolicyId, long companyId, String name)
453                    throws PortalException, SystemException {
454    
455                    if (Validator.isNull(name) || Validator.isNumber(name) ||
456                            (name.indexOf(CharPool.COMMA) != -1) ||
457                            (name.indexOf(CharPool.STAR) != -1)) {
458    
459                            throw new PasswordPolicyNameException();
460                    }
461    
462                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
463                            companyId, name);
464    
465                    if (passwordPolicy != null) {
466                            if ((passwordPolicyId <= 0) ||
467                                    (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
468    
469                                    throw new DuplicatePasswordPolicyException();
470                            }
471                    }
472            }
473    
474    }