001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.DuplicatePasswordPolicyException;
018    import com.liferay.portal.PasswordPolicyNameException;
019    import com.liferay.portal.RequiredPasswordPolicyException;
020    import com.liferay.portal.kernel.cache.ThreadLocalCachable;
021    import com.liferay.portal.kernel.exception.PortalException;
022    import com.liferay.portal.kernel.exception.SystemException;
023    import com.liferay.portal.kernel.util.CharPool;
024    import com.liferay.portal.kernel.util.OrderByComparator;
025    import com.liferay.portal.kernel.util.Validator;
026    import com.liferay.portal.model.Organization;
027    import com.liferay.portal.model.PasswordPolicy;
028    import com.liferay.portal.model.PasswordPolicyRel;
029    import com.liferay.portal.model.ResourceConstants;
030    import com.liferay.portal.model.User;
031    import com.liferay.portal.security.ldap.LDAPSettingsUtil;
032    import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
033    import com.liferay.portal.util.PropsValues;
034    
035    import java.util.Date;
036    import java.util.List;
037    
038    /**
039     * @author Scott Lee
040     */
041    public class PasswordPolicyLocalServiceImpl
042            extends PasswordPolicyLocalServiceBaseImpl {
043    
044            /**
045             * @deprecated
046             */
047            public PasswordPolicy addPasswordPolicy(
048                            long userId, boolean defaultPolicy, String name, String description,
049                            boolean changeable, boolean changeRequired, long minAge,
050                            boolean checkSyntax, boolean allowDictionaryWords,
051                            int minAlphanumeric, int minLength, int minLowerCase,
052                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
053                            int historyCount, boolean expireable, long maxAge, long warningTime,
054                            int graceLimit, boolean lockout, int maxFailure,
055                            long lockoutDuration, long resetFailureCount,
056                            long resetTicketMaxAge)
057                    throws PortalException, SystemException {
058    
059                    return addPasswordPolicy(
060                            userId, defaultPolicy, name, description, changeable,
061                            changeRequired, minAge, checkSyntax, allowDictionaryWords,
062                            minAlphanumeric, minLength, minLowerCase, minNumbers, minSymbols,
063                            minUpperCase, null, history, historyCount, expireable, maxAge,
064                            warningTime, graceLimit, lockout, maxFailure, lockoutDuration,
065                            resetFailureCount, resetTicketMaxAge);
066            }
067    
068            public PasswordPolicy addPasswordPolicy(
069                            long userId, boolean defaultPolicy, String name, String description,
070                            boolean changeable, boolean changeRequired, long minAge,
071                            boolean checkSyntax, boolean allowDictionaryWords,
072                            int minAlphanumeric, int minLength, int minLowerCase,
073                            int minNumbers, int minSymbols, int minUpperCase, String regex,
074                            boolean history, int historyCount, boolean expireable, long maxAge,
075                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
076                            long lockoutDuration, long resetFailureCount,
077                            long resetTicketMaxAge)
078                    throws PortalException, SystemException {
079    
080                    // Password policy
081    
082                    User user = userPersistence.findByPrimaryKey(userId);
083                    Date now = new Date();
084    
085                    validate(0, user.getCompanyId(), name);
086    
087                    long passwordPolicyId = counterLocalService.increment();
088    
089                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
090                            passwordPolicyId);
091    
092                    passwordPolicy.setUserId(userId);
093                    passwordPolicy.setCompanyId(user.getCompanyId());
094                    passwordPolicy.setUserName(user.getFullName());
095                    passwordPolicy.setCreateDate(now);
096                    passwordPolicy.setModifiedDate(now);
097                    passwordPolicy.setDefaultPolicy(defaultPolicy);
098                    passwordPolicy.setName(name);
099                    passwordPolicy.setDescription(description);
100                    passwordPolicy.setChangeable(changeable);
101                    passwordPolicy.setChangeRequired(changeRequired);
102                    passwordPolicy.setMinAge(minAge);
103                    passwordPolicy.setCheckSyntax(checkSyntax);
104                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
105                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
106                    passwordPolicy.setMinLength(minLength);
107                    passwordPolicy.setMinLowerCase(minLowerCase);
108                    passwordPolicy.setMinNumbers(minNumbers);
109                    passwordPolicy.setMinSymbols(minSymbols);
110                    passwordPolicy.setMinUpperCase(minUpperCase);
111                    passwordPolicy.setRegex(regex);
112                    passwordPolicy.setHistory(history);
113                    passwordPolicy.setHistoryCount(historyCount);
114                    passwordPolicy.setExpireable(expireable);
115                    passwordPolicy.setMaxAge(maxAge);
116                    passwordPolicy.setWarningTime(warningTime);
117                    passwordPolicy.setGraceLimit(graceLimit);
118                    passwordPolicy.setLockout(lockout);
119                    passwordPolicy.setMaxFailure(maxFailure);
120                    passwordPolicy.setLockoutDuration(lockoutDuration);
121                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
122                    passwordPolicy.setResetFailureCount(resetFailureCount);
123                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
124    
125                    passwordPolicyPersistence.update(passwordPolicy);
126    
127                    // Resources
128    
129                    if (!user.isDefaultUser()) {
130                            resourceLocalService.addResources(
131                                    user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
132                                    passwordPolicy.getPasswordPolicyId(), false, false, false);
133                    }
134    
135                    return passwordPolicy;
136            }
137    
138            public void checkDefaultPasswordPolicy(long companyId)
139                    throws PortalException, SystemException {
140    
141                    String defaultPasswordPolicyName =
142                            PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
143    
144                    PasswordPolicy defaultPasswordPolicy =
145                            passwordPolicyPersistence.fetchByC_N(
146                                    companyId, defaultPasswordPolicyName);
147    
148                    if (defaultPasswordPolicy == null) {
149                            long defaultUserId = userLocalService.getDefaultUserId(companyId);
150    
151                            addPasswordPolicy(
152                                    defaultUserId, true, defaultPasswordPolicyName,
153                                    defaultPasswordPolicyName,
154                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
155                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
156                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
157                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
158                                    PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
159                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
160                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
161                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
162                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
163                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
164                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
165                                    PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
166                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
167                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
168                                    PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
169                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
170                                    PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
171                                    PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
172                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
173                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
174                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
175                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
176                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE);
177                    }
178            }
179    
180            @Override
181            public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
182                    throws PortalException, SystemException {
183    
184                    PasswordPolicy passwordPolicy =
185                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
186    
187                    return deletePasswordPolicy(passwordPolicy);
188            }
189    
190            @Override
191            public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
192                    throws PortalException, SystemException {
193    
194                    if (passwordPolicy.isDefaultPolicy()) {
195                            throw new RequiredPasswordPolicyException();
196                    }
197    
198                    // Password policy relations
199    
200                    passwordPolicyRelLocalService.deletePasswordPolicyRels(
201                            passwordPolicy.getPasswordPolicyId());
202    
203                    // Resources
204    
205                    resourceLocalService.deleteResource(
206                            passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
207                            ResourceConstants.SCOPE_INDIVIDUAL,
208                            passwordPolicy.getPasswordPolicyId());
209    
210                    // Password policy
211    
212                    return passwordPolicyPersistence.remove(passwordPolicy);
213            }
214    
215            public PasswordPolicy getDefaultPasswordPolicy(long companyId)
216                    throws PortalException, SystemException {
217    
218                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
219                            return null;
220                    }
221    
222                    return passwordPolicyPersistence.findByC_DP(companyId, true);
223            }
224    
225            /**
226             * @deprecated
227             */
228            public PasswordPolicy getPasswordPolicy(
229                            long companyId, long organizationId, long locationId)
230                    throws PortalException, SystemException {
231    
232                    return getPasswordPolicy(
233                            companyId, new long[] {organizationId, locationId});
234            }
235    
236            public PasswordPolicy getPasswordPolicy(
237                            long companyId, long[] organizationIds)
238                    throws PortalException, SystemException {
239    
240                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
241                            return null;
242                    }
243    
244                    if ((organizationIds == null) || (organizationIds.length == 0)) {
245                            return getDefaultPasswordPolicy(companyId);
246                    }
247    
248                    long classNameId = classNameLocalService.getClassNameId(
249                            Organization.class.getName());
250    
251                    PasswordPolicyRel passwordPolicyRel = null;
252    
253                    for (int i = 0; i < organizationIds.length; i++) {
254                            long organizationId = organizationIds[i];
255    
256                            passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
257                                    classNameId, organizationId);
258    
259                            if (passwordPolicyRel != null) {
260                                    return passwordPolicyPersistence.findByPrimaryKey(
261                                            passwordPolicyRel.getPasswordPolicyId());
262                            }
263                    }
264    
265                    return getDefaultPasswordPolicy(companyId);
266            }
267    
268            @ThreadLocalCachable
269            public PasswordPolicy getPasswordPolicyByUserId(long userId)
270                    throws PortalException, SystemException {
271    
272                    User user = userPersistence.findByPrimaryKey(userId);
273    
274                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
275                            return null;
276                    }
277    
278                    long classNameId = classNameLocalService.getClassNameId(
279                            User.class.getName());
280    
281                    PasswordPolicyRel passwordPolicyRel =
282                            passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
283    
284                    if (passwordPolicyRel != null) {
285                            return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
286                    }
287                    else {
288                            List<Organization> organizations = userPersistence.getOrganizations(
289                                    userId);
290    
291                            if (organizations.isEmpty()) {
292                                    return passwordPolicyPersistence.findByC_DP(
293                                            user.getCompanyId(), true);
294                            }
295    
296                            long[] organizationIds = new long[organizations.size()];
297    
298                            for (int i = 0; i < organizationIds.length; i++) {
299                                    Organization organization = organizations.get(i);
300    
301                                    organizationIds[i] = organization.getOrganizationId();
302                            }
303    
304                            return getPasswordPolicy(user.getCompanyId(), organizationIds);
305                    }
306            }
307    
308            public List<PasswordPolicy> search(
309                            long companyId, String name, int start, int end,
310                            OrderByComparator obc)
311                    throws SystemException {
312    
313                    return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
314            }
315    
316            public int searchCount(long companyId, String name) throws SystemException {
317                    return passwordPolicyFinder.countByC_N(companyId, name);
318            }
319    
320            /**
321             * @deprecated
322             */
323            public PasswordPolicy updatePasswordPolicy(
324                            long passwordPolicyId, String name, String description,
325                            boolean changeable, boolean changeRequired, long minAge,
326                            boolean checkSyntax, boolean allowDictionaryWords,
327                            int minAlphanumeric, int minLength, int minLowerCase,
328                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
329                            int historyCount, boolean expireable, long maxAge, long warningTime,
330                            int graceLimit, boolean lockout, int maxFailure,
331                            long lockoutDuration, long resetFailureCount,
332                            long resetTicketMaxAge)
333                    throws PortalException, SystemException {
334    
335                    return updatePasswordPolicy(
336                            passwordPolicyId, name, description, changeable, changeRequired,
337                            minAge, checkSyntax, allowDictionaryWords, minAlphanumeric,
338                            minLength, minLowerCase, minNumbers, minSymbols, minUpperCase, null,
339                            history, historyCount, expireable, maxAge, warningTime, graceLimit,
340                            lockout, maxFailure, lockoutDuration, resetFailureCount,
341                            resetTicketMaxAge);
342            }
343    
344            public PasswordPolicy updatePasswordPolicy(
345                            long passwordPolicyId, String name, String description,
346                            boolean changeable, boolean changeRequired, long minAge,
347                            boolean checkSyntax, boolean allowDictionaryWords,
348                            int minAlphanumeric, int minLength, int minLowerCase,
349                            int minNumbers, int minSymbols, int minUpperCase, String regex,
350                            boolean history, int historyCount, boolean expireable, long maxAge,
351                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
352                            long lockoutDuration, long resetFailureCount,
353                            long resetTicketMaxAge)
354                    throws PortalException, SystemException {
355    
356                    Date now = new Date();
357    
358                    PasswordPolicy passwordPolicy =
359                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
360    
361                    if (!passwordPolicy.getDefaultPolicy()) {
362                            validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
363    
364                            passwordPolicy.setName(name);
365                    }
366    
367                    passwordPolicy.setModifiedDate(now);
368                    passwordPolicy.setDescription(description);
369                    passwordPolicy.setChangeable(changeable);
370                    passwordPolicy.setChangeRequired(changeRequired);
371                    passwordPolicy.setMinAge(minAge);
372                    passwordPolicy.setCheckSyntax(checkSyntax);
373                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
374                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
375                    passwordPolicy.setMinLength(minLength);
376                    passwordPolicy.setMinLowerCase(minLowerCase);
377                    passwordPolicy.setMinNumbers(minNumbers);
378                    passwordPolicy.setMinSymbols(minSymbols);
379                    passwordPolicy.setMinUpperCase(minUpperCase);
380                    passwordPolicy.setRegex(regex);
381                    passwordPolicy.setHistory(history);
382                    passwordPolicy.setHistoryCount(historyCount);
383                    passwordPolicy.setExpireable(expireable);
384                    passwordPolicy.setMaxAge(maxAge);
385                    passwordPolicy.setWarningTime(warningTime);
386                    passwordPolicy.setGraceLimit(graceLimit);
387                    passwordPolicy.setLockout(lockout);
388                    passwordPolicy.setMaxFailure(maxFailure);
389                    passwordPolicy.setLockoutDuration(lockoutDuration);
390                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
391                    passwordPolicy.setResetFailureCount(resetFailureCount);
392                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
393    
394                    passwordPolicyPersistence.update(passwordPolicy);
395    
396                    return passwordPolicy;
397            }
398    
399            protected void validate(long passwordPolicyId, long companyId, String name)
400                    throws PortalException, SystemException {
401    
402                    if (Validator.isNull(name) || Validator.isNumber(name) ||
403                            (name.indexOf(CharPool.COMMA) != -1) ||
404                            (name.indexOf(CharPool.STAR) != -1)) {
405    
406                            throw new PasswordPolicyNameException();
407                    }
408    
409                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
410                            companyId, name);
411    
412                    if (passwordPolicy != null) {
413                            if ((passwordPolicyId <= 0) ||
414                                    (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
415    
416                                    throw new DuplicatePasswordPolicyException();
417                            }
418                    }
419            }
420    
421    }