001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.RequiredUserException;
018 import com.liferay.portal.ReservedUserEmailAddressException;
019 import com.liferay.portal.UserEmailAddressException;
020 import com.liferay.portal.UserScreenNameException;
021 import com.liferay.portal.kernel.exception.PortalException;
022 import com.liferay.portal.kernel.exception.SystemException;
023 import com.liferay.portal.kernel.search.Indexer;
024 import com.liferay.portal.kernel.search.IndexerRegistryUtil;
025 import com.liferay.portal.kernel.util.ArrayUtil;
026 import com.liferay.portal.kernel.util.ParamUtil;
027 import com.liferay.portal.kernel.workflow.WorkflowConstants;
028 import com.liferay.portal.kernel.workflow.WorkflowThreadLocal;
029 import com.liferay.portal.model.Address;
030 import com.liferay.portal.model.Company;
031 import com.liferay.portal.model.CompanyConstants;
032 import com.liferay.portal.model.Contact;
033 import com.liferay.portal.model.EmailAddress;
034 import com.liferay.portal.model.Group;
035 import com.liferay.portal.model.GroupConstants;
036 import com.liferay.portal.model.Organization;
037 import com.liferay.portal.model.Phone;
038 import com.liferay.portal.model.Role;
039 import com.liferay.portal.model.RoleConstants;
040 import com.liferay.portal.model.User;
041 import com.liferay.portal.model.UserGroup;
042 import com.liferay.portal.model.UserGroupRole;
043 import com.liferay.portal.model.Website;
044 import com.liferay.portal.security.auth.MembershipPolicyException;
045 import com.liferay.portal.security.auth.MembershipPolicyUtil;
046 import com.liferay.portal.security.auth.PrincipalException;
047 import com.liferay.portal.security.permission.ActionKeys;
048 import com.liferay.portal.security.permission.PermissionChecker;
049 import com.liferay.portal.service.ServiceContext;
050 import com.liferay.portal.service.base.UserServiceBaseImpl;
051 import com.liferay.portal.service.permission.GroupPermissionUtil;
052 import com.liferay.portal.service.permission.OrganizationPermissionUtil;
053 import com.liferay.portal.service.permission.PasswordPolicyPermissionUtil;
054 import com.liferay.portal.service.permission.PortalPermissionUtil;
055 import com.liferay.portal.service.permission.RolePermissionUtil;
056 import com.liferay.portal.service.permission.TeamPermissionUtil;
057 import com.liferay.portal.service.permission.UserGroupPermissionUtil;
058 import com.liferay.portal.service.permission.UserGroupRolePermissionUtil;
059 import com.liferay.portal.service.permission.UserPermissionUtil;
060 import com.liferay.portal.util.PropsValues;
061 import com.liferay.portlet.announcements.model.AnnouncementsDelivery;
062 import com.liferay.portlet.usersadmin.util.UsersAdminUtil;
063
064 import java.util.ArrayList;
065 import java.util.List;
066 import java.util.Locale;
067 import java.util.Set;
068
069
078 public class UserServiceImpl extends UserServiceBaseImpl {
079
080
092 public void addGroupUsers(
093 long groupId, long[] userIds, ServiceContext serviceContext)
094 throws PortalException, SystemException {
095
096 try {
097 GroupPermissionUtil.check(
098 getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
099 }
100 catch (PrincipalException pe) {
101
102
103
104 boolean hasPermission = false;
105
106 if (userIds.length == 0) {
107 hasPermission = true;
108 }
109 else if (userIds.length == 1) {
110 User user = getUser();
111
112 if (user.getUserId() == userIds[0]) {
113 Group group = groupPersistence.findByPrimaryKey(groupId);
114
115 if (user.getCompanyId() == group.getCompanyId()) {
116 int type = group.getType();
117
118 if (type == GroupConstants.TYPE_SITE_OPEN) {
119 hasPermission = true;
120 }
121 }
122 }
123 }
124
125 if (!hasPermission) {
126 throw new PrincipalException();
127 }
128 }
129
130 checkAddGroupUsersMembershipPolicy(groupId, userIds);
131
132 userLocalService.addGroupUsers(groupId, userIds);
133 }
134
135
147 public void addOrganizationUsers(long organizationId, long[] userIds)
148 throws PortalException, SystemException {
149
150 OrganizationPermissionUtil.check(
151 getPermissionChecker(), organizationId, ActionKeys.ASSIGN_MEMBERS);
152
153 validateOrganizationUsers(userIds);
154
155 checkAddOrganizationUsersMembershipPolicy(organizationId, userIds);
156
157 userLocalService.addOrganizationUsers(organizationId, userIds);
158 }
159
160
170 public void addPasswordPolicyUsers(long passwordPolicyId, long[] userIds)
171 throws PortalException, SystemException {
172
173 PasswordPolicyPermissionUtil.check(
174 getPermissionChecker(), passwordPolicyId,
175 ActionKeys.ASSIGN_MEMBERS);
176
177 userLocalService.addPasswordPolicyUsers(passwordPolicyId, userIds);
178 }
179
180
191 public void addRoleUsers(long roleId, long[] userIds)
192 throws PortalException, SystemException {
193
194 RolePermissionUtil.check(
195 getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
196
197 checkAddRoleUsersMembershipPolicy(roleId, userIds);
198
199 userLocalService.addRoleUsers(roleId, userIds);
200 }
201
202
212 public void addTeamUsers(long teamId, long[] userIds)
213 throws PortalException, SystemException {
214
215 TeamPermissionUtil.check(
216 getPermissionChecker(), teamId, ActionKeys.ASSIGN_MEMBERS);
217
218 userLocalService.addTeamUsers(teamId, userIds);
219 }
220
221
271 public User addUser(
272 long companyId, boolean autoPassword, String password1,
273 String password2, boolean autoScreenName, String screenName,
274 String emailAddress, long facebookId, String openId, Locale locale,
275 String firstName, String middleName, String lastName, int prefixId,
276 int suffixId, boolean male, int birthdayMonth, int birthdayDay,
277 int birthdayYear, String jobTitle, long[] groupIds,
278 long[] organizationIds, long[] roleIds, long[] userGroupIds,
279 boolean sendEmail, ServiceContext serviceContext)
280 throws PortalException, SystemException {
281
282 boolean workflowEnabled = WorkflowThreadLocal.isEnabled();
283
284 try {
285 WorkflowThreadLocal.setEnabled(false);
286
287 return addUserWithWorkflow(
288 companyId, autoPassword, password1, password2, autoScreenName,
289 screenName, emailAddress, facebookId, openId, locale, firstName,
290 middleName, lastName, prefixId, suffixId, male, birthdayMonth,
291 birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
292 roleIds, userGroupIds, sendEmail, serviceContext);
293 }
294 finally {
295 WorkflowThreadLocal.setEnabled(workflowEnabled);
296 }
297 }
298
299
354 public User addUser(
355 long companyId, boolean autoPassword, String password1,
356 String password2, boolean autoScreenName, String screenName,
357 String emailAddress, long facebookId, String openId, Locale locale,
358 String firstName, String middleName, String lastName, int prefixId,
359 int suffixId, boolean male, int birthdayMonth, int birthdayDay,
360 int birthdayYear, String jobTitle, long[] groupIds,
361 long[] organizationIds, long[] roleIds, long[] userGroupIds,
362 List<Address> addresses, List<EmailAddress> emailAddresses,
363 List<Phone> phones, List<Website> websites,
364 List<AnnouncementsDelivery> announcementsDelivers,
365 boolean sendEmail, ServiceContext serviceContext)
366 throws PortalException, SystemException {
367
368 boolean workflowEnabled = WorkflowThreadLocal.isEnabled();
369
370 try {
371 WorkflowThreadLocal.setEnabled(false);
372
373 return addUserWithWorkflow(
374 companyId, autoPassword, password1, password2, autoScreenName,
375 screenName, emailAddress, facebookId, openId, locale, firstName,
376 middleName, lastName, prefixId, suffixId, male, birthdayMonth,
377 birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
378 roleIds, userGroupIds, addresses, emailAddresses, phones,
379 websites, announcementsDelivers, sendEmail, serviceContext);
380 }
381 finally {
382 WorkflowThreadLocal.setEnabled(workflowEnabled);
383 }
384 }
385
386
397 public void addUserGroupUsers(long userGroupId, long[] userIds)
398 throws PortalException, SystemException {
399
400 UserGroupPermissionUtil.check(
401 getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
402
403 checkAddUserGroupUsersMembershipPolicy(userGroupId, userIds);
404
405 userLocalService.addUserGroupUsers(userGroupId, userIds);
406 }
407
408
458 public User addUserWithWorkflow(
459 long companyId, boolean autoPassword, String password1,
460 String password2, boolean autoScreenName, String screenName,
461 String emailAddress, long facebookId, String openId, Locale locale,
462 String firstName, String middleName, String lastName, int prefixId,
463 int suffixId, boolean male, int birthdayMonth, int birthdayDay,
464 int birthdayYear, String jobTitle, long[] groupIds,
465 long[] organizationIds, long[] roleIds, long[] userGroupIds,
466 boolean sendEmail, ServiceContext serviceContext)
467 throws PortalException, SystemException {
468
469 long creatorUserId = 0;
470
471 try {
472 creatorUserId = getGuestOrUserId();
473 }
474 catch (PrincipalException pe) {
475 }
476
477 checkAddUserPermission(
478 creatorUserId, companyId, emailAddress, groupIds, organizationIds,
479 roleIds, userGroupIds, serviceContext);
480
481 return userLocalService.addUserWithWorkflow(
482 creatorUserId, companyId, autoPassword, password1, password2,
483 autoScreenName, screenName, emailAddress, facebookId, openId,
484 locale, firstName, middleName, lastName, prefixId, suffixId, male,
485 birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
486 organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
487 }
488
489
544 public User addUserWithWorkflow(
545 long companyId, boolean autoPassword, String password1,
546 String password2, boolean autoScreenName, String screenName,
547 String emailAddress, long facebookId, String openId, Locale locale,
548 String firstName, String middleName, String lastName, int prefixId,
549 int suffixId, boolean male, int birthdayMonth, int birthdayDay,
550 int birthdayYear, String jobTitle, long[] groupIds,
551 long[] organizationIds, long[] roleIds, long[] userGroupIds,
552 List<Address> addresses, List<EmailAddress> emailAddresses,
553 List<Phone> phones, List<Website> websites,
554 List<AnnouncementsDelivery> announcementsDelivers,
555 boolean sendEmail, ServiceContext serviceContext)
556 throws PortalException, SystemException {
557
558 boolean indexingEnabled = serviceContext.isIndexingEnabled();
559
560 serviceContext.setIndexingEnabled(false);
561
562 try {
563 User user = addUserWithWorkflow(
564 companyId, autoPassword, password1, password2, autoScreenName,
565 screenName, emailAddress, facebookId, openId, locale, firstName,
566 middleName, lastName, prefixId, suffixId, male, birthdayMonth,
567 birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
568 roleIds, userGroupIds, sendEmail, serviceContext);
569
570 UsersAdminUtil.updateAddresses(
571 Contact.class.getName(), user.getContactId(), addresses);
572
573 UsersAdminUtil.updateEmailAddresses(
574 Contact.class.getName(), user.getContactId(), emailAddresses);
575
576 UsersAdminUtil.updatePhones(
577 Contact.class.getName(), user.getContactId(), phones);
578
579 UsersAdminUtil.updateWebsites(
580 Contact.class.getName(), user.getContactId(), websites);
581
582 updateAnnouncementsDeliveries(
583 user.getUserId(), announcementsDelivers);
584
585 if (indexingEnabled) {
586 Indexer indexer = IndexerRegistryUtil.nullSafeGetIndexer(
587 User.class);
588
589 indexer.reindex(user);
590 }
591
592 return user;
593 }
594 finally {
595 serviceContext.setIndexingEnabled(indexingEnabled);
596 }
597 }
598
599
608 public void deletePortrait(long userId)
609 throws PortalException, SystemException {
610
611 UserPermissionUtil.check(
612 getPermissionChecker(), userId, ActionKeys.UPDATE);
613
614 userLocalService.deletePortrait(userId);
615 }
616
617
627 public void deleteRoleUser(long roleId, long userId)
628 throws PortalException, SystemException {
629
630 RolePermissionUtil.check(
631 getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
632
633 userLocalService.deleteRoleUser(roleId, userId);
634 }
635
636
644 public void deleteUser(long userId)
645 throws PortalException, SystemException {
646
647 if (getUserId() == userId) {
648 throw new RequiredUserException();
649 }
650
651 UserPermissionUtil.check(
652 getPermissionChecker(), userId, ActionKeys.DELETE);
653
654 userLocalService.deleteUser(userId);
655 }
656
657 public List<User> getCompanyUsers(long companyId, int start, int end)
658 throws PortalException, SystemException {
659
660 PermissionChecker permissionChecker = getPermissionChecker();
661
662 if (!permissionChecker.isCompanyAdmin(companyId)) {
663 throw new PrincipalException();
664 }
665
666 return userPersistence.findByCompanyId(companyId, start, end);
667 }
668
669 public int getCompanyUsersCount(long companyId)
670 throws PortalException, SystemException {
671
672 PermissionChecker permissionChecker = getPermissionChecker();
673
674 if (!permissionChecker.isCompanyAdmin(companyId)) {
675 throw new PrincipalException();
676 }
677
678 return userPersistence.countByCompanyId(companyId);
679 }
680
681
690 public long[] getGroupUserIds(long groupId)
691 throws PortalException, SystemException {
692
693 GroupPermissionUtil.check(
694 getPermissionChecker(), groupId, ActionKeys.VIEW_MEMBERS);
695
696 return userLocalService.getGroupUserIds(groupId);
697 }
698
699
708 public List<User> getGroupUsers(long groupId)
709 throws PortalException, SystemException {
710
711 GroupPermissionUtil.check(
712 getPermissionChecker(), groupId, ActionKeys.VIEW_MEMBERS);
713
714 return userLocalService.getGroupUsers(groupId);
715 }
716
717
726 public long[] getOrganizationUserIds(long organizationId)
727 throws PortalException, SystemException {
728
729 OrganizationPermissionUtil.check(
730 getPermissionChecker(), organizationId, ActionKeys.VIEW_MEMBERS);
731
732 return userLocalService.getOrganizationUserIds(organizationId);
733 }
734
735
744 public List<User> getOrganizationUsers(long organizationId)
745 throws PortalException, SystemException {
746
747 OrganizationPermissionUtil.check(
748 getPermissionChecker(), organizationId, ActionKeys.VIEW_MEMBERS);
749
750 return userLocalService.getOrganizationUsers(organizationId);
751 }
752
753
762 public long[] getRoleUserIds(long roleId) throws
763 PortalException, SystemException {
764
765 RolePermissionUtil.check(
766 getPermissionChecker(), roleId, ActionKeys.VIEW);
767
768 return userLocalService.getRoleUserIds(roleId);
769 }
770
771
782 public User getUserByEmailAddress(long companyId, String emailAddress)
783 throws PortalException, SystemException {
784
785 User user = userLocalService.getUserByEmailAddress(
786 companyId, emailAddress);
787
788 UserPermissionUtil.check(
789 getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
790
791 return user;
792 }
793
794
803 public User getUserById(long userId)
804 throws PortalException, SystemException {
805
806 User user = userPersistence.findByPrimaryKey(userId);
807
808 UserPermissionUtil.check(
809 getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
810
811 return user;
812 }
813
814
824 public User getUserByScreenName(long companyId, String screenName)
825 throws PortalException, SystemException {
826
827 User user = userLocalService.getUserByScreenName(companyId, screenName);
828
829 UserPermissionUtil.check(
830 getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
831
832 return user;
833 }
834
835 public List<User> getUserGroupUsers(long userGroupId)
836 throws PortalException, SystemException {
837
838 UserGroupPermissionUtil.check(
839 getPermissionChecker(), userGroupId, ActionKeys.VIEW_MEMBERS);
840
841 return userGroupPersistence.getUsers(userGroupId);
842 }
843
844
854 public long getUserIdByEmailAddress(long companyId, String emailAddress)
855 throws PortalException, SystemException {
856
857 User user = getUserByEmailAddress(companyId, emailAddress);
858
859 UserPermissionUtil.check(
860 getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
861
862 return user.getUserId();
863 }
864
865
874 public long getUserIdByScreenName(long companyId, String screenName)
875 throws PortalException, SystemException {
876
877 User user = getUserByScreenName(companyId, screenName);
878
879 UserPermissionUtil.check(
880 getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
881
882 return user.getUserId();
883 }
884
885
896 public boolean hasGroupUser(long groupId, long userId)
897 throws PortalException, SystemException {
898
899 try {
900 UserPermissionUtil.check(
901 getPermissionChecker(), userId, ActionKeys.VIEW);
902 }
903 catch (PrincipalException e) {
904 GroupPermissionUtil.check(
905 getPermissionChecker(), groupId, ActionKeys.VIEW_MEMBERS);
906 }
907
908 return userLocalService.hasGroupUser(groupId, userId);
909 }
910
911
922 public boolean hasRoleUser(long roleId, long userId)
923 throws PortalException, SystemException {
924
925 try {
926 UserPermissionUtil.check(
927 getPermissionChecker(), userId, ActionKeys.VIEW);
928 }
929 catch (PrincipalException e) {
930 RolePermissionUtil.check(
931 getPermissionChecker(), roleId, ActionKeys.VIEW_MEMBERS);
932 }
933
934 return userLocalService.hasRoleUser(roleId, userId);
935 }
936
937
952 public boolean hasRoleUser(
953 long companyId, String name, long userId, boolean inherited)
954 throws PortalException, SystemException {
955
956 try {
957 UserPermissionUtil.check(
958 getPermissionChecker(), userId, ActionKeys.VIEW);
959 }
960 catch (PrincipalException e) {
961 Role role = roleLocalService.getRole(companyId, name);
962
963 RolePermissionUtil.check(
964 getPermissionChecker(), role.getRoleId(),
965 ActionKeys.VIEW_MEMBERS);
966 }
967
968 return userLocalService.hasRoleUser(companyId, name, userId, inherited);
969 }
970
971
982 public void setRoleUsers(long roleId, long[] userIds)
983 throws PortalException, SystemException {
984
985 RolePermissionUtil.check(
986 getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
987
988 checkSetRoleUsersMembershipPolicy(roleId, userIds);
989
990 userLocalService.setRoleUsers(roleId, userIds);
991 }
992
993
1003 public void setUserGroupUsers(long userGroupId, long[] userIds)
1004 throws PortalException, SystemException {
1005
1006 UserGroupPermissionUtil.check(
1007 getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
1008
1009 checkSetUserGroupUsersMembershipPolicy(userGroupId, userIds);
1010
1011 userLocalService.setUserGroupUsers(userGroupId, userIds);
1012 }
1013
1014
1023 public void unsetGroupTeamsUsers(long groupId, long[] userIds)
1024 throws PortalException, SystemException {
1025
1026 UserGroupPermissionUtil.check(
1027 getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
1028
1029 userLocalService.unsetGroupTeamsUsers(groupId, userIds);
1030 }
1031
1032
1043 public void unsetGroupUsers(
1044 long groupId, long[] userIds, ServiceContext serviceContext)
1045 throws PortalException, SystemException {
1046
1047 try {
1048 userIds = UsersAdminUtil.filterUnsetGroupUserIds(
1049 getPermissionChecker(), groupId, userIds);
1050
1051 if (userIds.length == 0) {
1052 return;
1053 }
1054
1055 GroupPermissionUtil.check(
1056 getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
1057 }
1058 catch (PrincipalException pe) {
1059
1060
1061
1062 boolean hasPermission = false;
1063
1064 if (userIds.length == 0) {
1065 hasPermission = true;
1066 }
1067 else if (userIds.length == 1) {
1068 User user = getUser();
1069
1070 if (user.getUserId() == userIds[0]) {
1071 Group group = groupPersistence.findByPrimaryKey(groupId);
1072
1073 if (user.getCompanyId() == group.getCompanyId()) {
1074 int type = group.getType();
1075
1076 if ((type == GroupConstants.TYPE_SITE_OPEN) ||
1077 (type == GroupConstants.TYPE_SITE_RESTRICTED)) {
1078
1079 hasPermission = true;
1080 }
1081 }
1082 }
1083 }
1084
1085 if (!hasPermission) {
1086 throw new PrincipalException();
1087 }
1088 }
1089
1090 checkUnsetGroupUsersMembershipPolicy(groupId, userIds);
1091
1092 userLocalService.unsetGroupUsers(groupId, userIds, serviceContext);
1093 }
1094
1095
1105 public void unsetOrganizationUsers(long organizationId, long[] userIds)
1106 throws PortalException, SystemException {
1107
1108 User user = getUser();
1109
1110 Group group = groupLocalService.getOrganizationGroup(
1111 user.getCompanyId(), organizationId);
1112
1113 userIds = UsersAdminUtil.filterUnsetGroupUserIds(
1114 getPermissionChecker(), group.getGroupId(), userIds);
1115
1116 if (userIds.length == 0) {
1117 return;
1118 }
1119
1120 OrganizationPermissionUtil.check(
1121 getPermissionChecker(), organizationId, ActionKeys.ASSIGN_MEMBERS);
1122
1123 checkUnsetOrganizationUsersMembershipPolicy(organizationId, userIds);
1124
1125 userLocalService.unsetOrganizationUsers(organizationId, userIds);
1126 }
1127
1128
1137 public void unsetPasswordPolicyUsers(long passwordPolicyId, long[] userIds)
1138 throws PortalException, SystemException {
1139
1140 PasswordPolicyPermissionUtil.check(
1141 getPermissionChecker(), passwordPolicyId,
1142 ActionKeys.ASSIGN_MEMBERS);
1143
1144 userLocalService.unsetPasswordPolicyUsers(passwordPolicyId, userIds);
1145 }
1146
1147
1157 public void unsetRoleUsers(long roleId, long[] userIds)
1158 throws PortalException, SystemException {
1159
1160 RolePermissionUtil.check(
1161 getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
1162
1163 checkUnsetRoleUsersMembershipPolicy(roleId, userIds);
1164
1165 userLocalService.unsetRoleUsers(roleId, userIds);
1166 }
1167
1168
1177 public void unsetTeamUsers(long teamId, long[] userIds)
1178 throws PortalException, SystemException {
1179
1180 TeamPermissionUtil.check(
1181 getPermissionChecker(), teamId, ActionKeys.ASSIGN_MEMBERS);
1182
1183 userLocalService.unsetTeamUsers(teamId, userIds);
1184 }
1185
1186
1196 public void unsetUserGroupUsers(long userGroupId, long[] userIds)
1197 throws PortalException, SystemException {
1198
1199 UserGroupPermissionUtil.check(
1200 getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
1201
1202 checkUnsetUserGroupUsersMembershipPolicy(userGroupId, userIds);
1203
1204 userLocalService.unsetUserGroupUsers(userGroupId, userIds);
1205 }
1206
1207
1217 public User updateAgreedToTermsOfUse(
1218 long userId, boolean agreedToTermsOfUse)
1219 throws PortalException, SystemException {
1220
1221 UserPermissionUtil.check(
1222 getPermissionChecker(), userId, ActionKeys.UPDATE);
1223
1224 return userLocalService.updateAgreedToTermsOfUse(
1225 userId, agreedToTermsOfUse);
1226 }
1227
1228
1243 public User updateEmailAddress(
1244 long userId, String password, String emailAddress1,
1245 String emailAddress2, ServiceContext serviceContext)
1246 throws PortalException, SystemException {
1247
1248 UserPermissionUtil.check(
1249 getPermissionChecker(), userId, ActionKeys.UPDATE);
1250
1251 return userLocalService.updateEmailAddress(
1252 userId, password, emailAddress1, emailAddress2, serviceContext);
1253 }
1254
1255
1294 public User updateIncompleteUser(
1295 long companyId, boolean autoPassword, String password1,
1296 String password2, boolean autoScreenName, String screenName,
1297 String emailAddress, long facebookId, String openId, Locale locale,
1298 String firstName, String middleName, String lastName, int prefixId,
1299 int suffixId, boolean male, int birthdayMonth, int birthdayDay,
1300 int birthdayYear, String jobTitle, boolean updateUserInformation,
1301 boolean sendEmail, ServiceContext serviceContext)
1302 throws PortalException, SystemException {
1303
1304 long creatorUserId = 0;
1305
1306 try {
1307 creatorUserId = getGuestOrUserId();
1308 }
1309 catch (PrincipalException pe) {
1310 }
1311
1312 checkAddUserPermission(
1313 creatorUserId, companyId, emailAddress, null, null, null, null,
1314 serviceContext);
1315
1316 return userLocalService.updateIncompleteUser(
1317 creatorUserId, companyId, autoPassword, password1, password2,
1318 autoScreenName, screenName, emailAddress, facebookId, openId,
1319 locale, firstName, middleName, lastName, prefixId, suffixId, male,
1320 birthdayMonth, birthdayDay, birthdayYear, jobTitle,
1321 updateUserInformation, sendEmail, serviceContext);
1322 }
1323
1324
1334 public User updateLockoutById(long userId, boolean lockout)
1335 throws PortalException, SystemException {
1336
1337 UserPermissionUtil.check(
1338 getPermissionChecker(), userId, ActionKeys.DELETE);
1339
1340 return userLocalService.updateLockoutById(userId, lockout);
1341 }
1342
1343
1353 public User updateOpenId(long userId, String openId)
1354 throws PortalException, SystemException {
1355
1356 UserPermissionUtil.check(
1357 getPermissionChecker(), userId, ActionKeys.UPDATE);
1358
1359 return userLocalService.updateOpenId(userId, openId);
1360 }
1361
1362
1374 public void updateOrganizations(
1375 long userId, long[] organizationIds, ServiceContext serviceContext)
1376 throws PortalException, SystemException {
1377
1378 UserPermissionUtil.check(
1379 getPermissionChecker(), userId, ActionKeys.UPDATE);
1380
1381 checkOrganizations(userId, organizationIds);
1382
1383 userLocalService.updateOrganizations(
1384 userId, organizationIds, serviceContext);
1385 }
1386
1387
1400 public User updatePassword(
1401 long userId, String password1, String password2,
1402 boolean passwordReset)
1403 throws PortalException, SystemException {
1404
1405 UserPermissionUtil.check(
1406 getPermissionChecker(), userId, ActionKeys.UPDATE);
1407
1408 return userLocalService.updatePassword(
1409 userId, password1, password2, passwordReset);
1410 }
1411
1412
1423 public User updatePortrait(long userId, byte[] bytes)
1424 throws PortalException, SystemException {
1425
1426 UserPermissionUtil.check(
1427 getPermissionChecker(), userId, ActionKeys.UPDATE);
1428
1429 return userLocalService.updatePortrait(userId, bytes);
1430 }
1431
1432
1444 public User updateReminderQuery(long userId, String question, String answer)
1445 throws PortalException, SystemException {
1446
1447 UserPermissionUtil.check(
1448 getPermissionChecker(), userId, ActionKeys.UPDATE);
1449
1450 return userLocalService.updateReminderQuery(userId, question, answer);
1451 }
1452
1453
1464 public User updateScreenName(long userId, String screenName)
1465 throws PortalException, SystemException {
1466
1467 UserPermissionUtil.check(
1468 getPermissionChecker(), userId, ActionKeys.UPDATE);
1469
1470 return userLocalService.updateScreenName(userId, screenName);
1471 }
1472
1473
1487 public User updateStatus(long userId, int status)
1488 throws PortalException, SystemException {
1489
1490 if ((getUserId() == userId) &&
1491 (status != WorkflowConstants.STATUS_APPROVED)) {
1492
1493 throw new RequiredUserException();
1494 }
1495
1496 UserPermissionUtil.check(
1497 getPermissionChecker(), userId, ActionKeys.DELETE);
1498
1499 return userLocalService.updateStatus(userId, status);
1500 }
1501
1502
1565 public User updateUser(
1566 long userId, String oldPassword, String newPassword1,
1567 String newPassword2, boolean passwordReset,
1568 String reminderQueryQuestion, String reminderQueryAnswer,
1569 String screenName, String emailAddress, long facebookId,
1570 String openId, String languageId, String timeZoneId,
1571 String greeting, String comments, String firstName,
1572 String middleName, String lastName, int prefixId, int suffixId,
1573 boolean male, int birthdayMonth, int birthdayDay, int birthdayYear,
1574 String smsSn, String aimSn, String facebookSn, String icqSn,
1575 String jabberSn, String msnSn, String mySpaceSn, String skypeSn,
1576 String twitterSn, String ymSn, String jobTitle, long[] groupIds,
1577 long[] organizationIds, long[] roleIds,
1578 List<UserGroupRole> userGroupRoles, long[] userGroupIds,
1579 List<Address> addresses, List<EmailAddress> emailAddresses,
1580 List<Phone> phones, List<Website> websites,
1581 List<AnnouncementsDelivery> announcementsDelivers,
1582 ServiceContext serviceContext)
1583 throws PortalException, SystemException {
1584
1585 UserPermissionUtil.check(
1586 getPermissionChecker(), userId, organizationIds, ActionKeys.UPDATE);
1587
1588 User user = userPersistence.findByPrimaryKey(userId);
1589
1590 if (addresses != null) {
1591 UsersAdminUtil.updateAddresses(
1592 Contact.class.getName(), user.getContactId(), addresses);
1593 }
1594
1595 if (emailAddresses != null) {
1596 UsersAdminUtil.updateEmailAddresses(
1597 Contact.class.getName(), user.getContactId(), emailAddresses);
1598 }
1599
1600 if (phones != null) {
1601 UsersAdminUtil.updatePhones(
1602 Contact.class.getName(), user.getContactId(), phones);
1603 }
1604
1605 if (websites != null) {
1606 UsersAdminUtil.updateWebsites(
1607 Contact.class.getName(), user.getContactId(), websites);
1608 }
1609
1610 if (announcementsDelivers != null) {
1611 updateAnnouncementsDeliveries(
1612 user.getUserId(), announcementsDelivers);
1613 }
1614
1615 long curUserId = getUserId();
1616
1617 if (curUserId == userId) {
1618 screenName = screenName.trim().toLowerCase();
1619
1620 if (!screenName.equalsIgnoreCase(user.getScreenName())) {
1621 validateScreenName(user, screenName);
1622 }
1623
1624 emailAddress = emailAddress.trim().toLowerCase();
1625
1626 if (!emailAddress.equalsIgnoreCase(user.getEmailAddress())) {
1627 validateEmailAddress(user, emailAddress);
1628 }
1629 }
1630
1631 if (groupIds != null) {
1632 groupIds = checkGroups(userId, groupIds);
1633 }
1634
1635 if (organizationIds != null) {
1636 organizationIds = checkOrganizations(userId, organizationIds);
1637 }
1638
1639 if (roleIds != null) {
1640 roleIds = checkRoles(userId, roleIds);
1641 }
1642
1643 if (userGroupRoles != null) {
1644 userGroupRoles = checkUserGroupRoles(userId, userGroupRoles);
1645 }
1646
1647 if (userGroupIds != null) {
1648 userGroupIds = checkUserGroupIds(userId, userGroupIds);
1649 }
1650
1651 return userLocalService.updateUser(
1652 userId, oldPassword, newPassword1, newPassword2, passwordReset,
1653 reminderQueryQuestion, reminderQueryAnswer, screenName,
1654 emailAddress, facebookId, openId, languageId, timeZoneId, greeting,
1655 comments, firstName, middleName, lastName, prefixId, suffixId, male,
1656 birthdayMonth, birthdayDay, birthdayYear, smsSn, aimSn, facebookSn,
1657 icqSn, jabberSn, msnSn, mySpaceSn, skypeSn, twitterSn, ymSn,
1658 jobTitle, groupIds, organizationIds, roleIds, userGroupRoles,
1659 userGroupIds, serviceContext);
1660 }
1661
1662
1720 public User updateUser(
1721 long userId, String oldPassword, String newPassword1,
1722 String newPassword2, boolean passwordReset,
1723 String reminderQueryQuestion, String reminderQueryAnswer,
1724 String screenName, String emailAddress, long facebookId,
1725 String openId, String languageId, String timeZoneId,
1726 String greeting, String comments, String firstName,
1727 String middleName, String lastName, int prefixId, int suffixId,
1728 boolean male, int birthdayMonth, int birthdayDay, int birthdayYear,
1729 String smsSn, String aimSn, String facebookSn, String icqSn,
1730 String jabberSn, String msnSn, String mySpaceSn, String skypeSn,
1731 String twitterSn, String ymSn, String jobTitle, long[] groupIds,
1732 long[] organizationIds, long[] roleIds,
1733 List<UserGroupRole> userGroupRoles, long[] userGroupIds,
1734 ServiceContext serviceContext)
1735 throws PortalException, SystemException {
1736
1737 return updateUser(
1738 userId, oldPassword, newPassword1, newPassword2, passwordReset,
1739 reminderQueryQuestion, reminderQueryAnswer, screenName,
1740 emailAddress, facebookId, openId, languageId, timeZoneId, greeting,
1741 comments, firstName, middleName, lastName, prefixId, suffixId, male,
1742 birthdayMonth, birthdayDay, birthdayYear, smsSn, aimSn, facebookSn,
1743 icqSn, jabberSn, msnSn, mySpaceSn, skypeSn, twitterSn, ymSn,
1744 jobTitle, groupIds, organizationIds, roleIds, userGroupRoles,
1745 userGroupIds, null, null, null, null, null, serviceContext);
1746 }
1747
1748 protected void checkAddGroupUsersMembershipPolicy(
1749 long groupId, long[] userIds)
1750 throws PortalException, SystemException {
1751
1752 MembershipPolicyException membershipPolicyException = null;
1753
1754 Group group = groupPersistence.findByPrimaryKey(groupId);
1755
1756 for (long userId : userIds) {
1757 User user = userPersistence.findByPrimaryKey(userId);
1758
1759 if (MembershipPolicyUtil.isMembershipAllowed(group, user)) {
1760 continue;
1761 }
1762
1763 if (membershipPolicyException == null) {
1764 membershipPolicyException = new MembershipPolicyException(
1765 MembershipPolicyException.GROUP_MEMBERSHIP_NOT_ALLOWED);
1766
1767 membershipPolicyException.addGroup(group);
1768 }
1769
1770 membershipPolicyException.addUser(user);
1771 }
1772
1773 if (membershipPolicyException != null) {
1774 throw membershipPolicyException;
1775 }
1776 }
1777
1778 protected void checkAddOrganizationUsersMembershipPolicy(
1779 long organizationId, long[] userIds)
1780 throws PortalException, SystemException {
1781
1782 MembershipPolicyException membershipPolicyException = null;
1783
1784 Organization organization = organizationPersistence.findByPrimaryKey(
1785 organizationId);
1786
1787 for (long userId : userIds) {
1788 User user = userPersistence.findByPrimaryKey(userId);
1789
1790 if (MembershipPolicyUtil.isMembershipAllowed(organization, user)) {
1791 continue;
1792 }
1793
1794 if (membershipPolicyException == null) {
1795 membershipPolicyException = new MembershipPolicyException(
1796 MembershipPolicyException.
1797 ORGANIZATION_MEMBERSHIP_NOT_ALLOWED);
1798
1799 membershipPolicyException.addOrganization(organization);
1800 }
1801
1802 membershipPolicyException.addUser(user);
1803 }
1804
1805 if (membershipPolicyException != null) {
1806 throw membershipPolicyException;
1807 }
1808 }
1809
1810 protected void checkAddRoleUsersMembershipPolicy(
1811 long roleId, long[] userIds)
1812 throws PortalException, SystemException {
1813
1814 MembershipPolicyException membershipPolicyException = null;
1815
1816 Role role = rolePersistence.findByPrimaryKey(roleId);
1817
1818 for (long userId : userIds) {
1819 User user = userPersistence.findByPrimaryKey(userId);
1820
1821 if (MembershipPolicyUtil.isMembershipAllowed(role, user)) {
1822 continue;
1823 }
1824
1825 if (membershipPolicyException == null) {
1826 membershipPolicyException = new MembershipPolicyException(
1827 MembershipPolicyException.ROLE_MEMBERSHIP_NOT_ALLOWED);
1828
1829 membershipPolicyException.addRole(role);
1830 }
1831
1832 membershipPolicyException.addUser(user);
1833 }
1834
1835 if (membershipPolicyException != null) {
1836 throw membershipPolicyException;
1837 }
1838 }
1839
1840 protected void checkAddUserGroupUsersMembershipPolicy(
1841 long userGroupId, long[] userIds)
1842 throws PortalException, SystemException {
1843
1844 MembershipPolicyException membershipPolicyException = null;
1845
1846 UserGroup userGroup = userGroupPersistence.findByPrimaryKey(
1847 userGroupId);
1848
1849 for (long userId : userIds) {
1850 User user = userPersistence.findByPrimaryKey(userId);
1851
1852 if (MembershipPolicyUtil.isMembershipAllowed(userGroup, user)) {
1853 continue;
1854 }
1855
1856 if (membershipPolicyException == null) {
1857 membershipPolicyException = new MembershipPolicyException(
1858 MembershipPolicyException.
1859 USER_GROUP_MEMBERSHIP_NOT_ALLOWED);
1860
1861 membershipPolicyException.addUserGroup(userGroup);
1862 }
1863
1864 membershipPolicyException.addUser(user);
1865 }
1866
1867 if (membershipPolicyException != null) {
1868 throw membershipPolicyException;
1869 }
1870 }
1871
1872 protected void checkAddUserPermission(
1873 long creatorUserId, long companyId, String emailAddress,
1874 long[] groupIds, long[] organizationIds, long[] roleIds,
1875 long[] userGroupIds, ServiceContext serviceContext)
1876 throws PortalException, SystemException {
1877
1878 Company company = companyPersistence.findByPrimaryKey(companyId);
1879
1880 if (groupIds != null) {
1881 checkGroups(0, groupIds);
1882 }
1883
1884 if (organizationIds != null) {
1885 checkOrganizations(0, organizationIds);
1886 }
1887
1888 if (roleIds != null) {
1889 checkRoles(0, roleIds);
1890 }
1891
1892 if (userGroupIds != null) {
1893 checkUserGroupIds(0, userGroupIds);
1894 }
1895
1896 boolean anonymousUser = ParamUtil.getBoolean(
1897 serviceContext, "anonymousUser");
1898
1899 long defaultUserId = userLocalService.getDefaultUserId(companyId);
1900
1901 if (((creatorUserId != 0) && (creatorUserId != defaultUserId)) ||
1902 (!company.isStrangers() && !anonymousUser)) {
1903
1904 if (!PortalPermissionUtil.contains(
1905 getPermissionChecker(), ActionKeys.ADD_USER) &&
1906 !OrganizationPermissionUtil.contains(
1907 getPermissionChecker(), organizationIds,
1908 ActionKeys.ASSIGN_MEMBERS)) {
1909
1910 throw new PrincipalException();
1911 }
1912 }
1913
1914 if ((creatorUserId == 0) || (creatorUserId == defaultUserId)) {
1915 if (!company.isStrangersWithMx() &&
1916 company.hasCompanyMx(emailAddress)) {
1917
1918 throw new ReservedUserEmailAddressException();
1919 }
1920 }
1921 }
1922
1923 protected long[] checkGroups(long userId, long[] groupIds)
1924 throws PortalException, SystemException {
1925
1926 long[] oldGroupIds = null;
1927
1928 PermissionChecker permissionChecker = getPermissionChecker();
1929
1930 User user = null;
1931
1932 if (userId != CompanyConstants.SYSTEM) {
1933
1934
1935
1936
1937
1938 user = userPersistence.findByPrimaryKey(userId);
1939
1940 Set<Group> mandatoryGroups =
1941 MembershipPolicyUtil.getMandatoryGroups(user);
1942
1943 List<Group> oldGroups = groupLocalService.getUserGroups(userId);
1944
1945 oldGroupIds = new long[oldGroups.size()];
1946
1947 for (int i = 0; i < oldGroups.size(); i++) {
1948 Group group = oldGroups.get(i);
1949
1950 if (!ArrayUtil.contains(groupIds, group.getGroupId()) &&
1951 (!GroupPermissionUtil.contains(
1952 permissionChecker, group.getGroupId(),
1953 ActionKeys.ASSIGN_MEMBERS) ||
1954 MembershipPolicyUtil.isMembershipProtected(
1955 permissionChecker, group, user) ||
1956 mandatoryGroups.contains(group))) {
1957
1958 groupIds = ArrayUtil.append(groupIds, group.getGroupId());
1959 }
1960
1961 oldGroupIds[i] = group.getGroupId();
1962 }
1963 }
1964
1965
1966
1967
1968 MembershipPolicyException membershipPolicyException = null;
1969
1970 for (long groupId : groupIds) {
1971 if ((oldGroupIds != null) &&
1972 ArrayUtil.contains(oldGroupIds, groupId)) {
1973
1974 continue;
1975 }
1976
1977 Group group = groupPersistence.findByPrimaryKey(groupId);
1978
1979 GroupPermissionUtil.check(
1980 permissionChecker, group, ActionKeys.ASSIGN_MEMBERS);
1981
1982 if (user == null) {
1983 continue;
1984 }
1985
1986 if (MembershipPolicyUtil.isMembershipAllowed(group, user)) {
1987 continue;
1988 }
1989
1990 if (membershipPolicyException == null) {
1991 membershipPolicyException = new MembershipPolicyException(
1992 MembershipPolicyException.GROUP_MEMBERSHIP_NOT_ALLOWED);
1993
1994 membershipPolicyException.addUser(user);
1995 }
1996
1997 membershipPolicyException.addGroup(group);
1998 }
1999
2000 if (membershipPolicyException != null) {
2001 throw membershipPolicyException;
2002 }
2003
2004 return groupIds;
2005 }
2006
2007 protected long[] checkOrganizations(long userId, long[] organizationIds)
2008 throws PortalException, SystemException {
2009
2010 long[] oldOrganizationIds = null;
2011
2012 PermissionChecker permissionChecker = getPermissionChecker();
2013
2014 User user = null;
2015
2016 if (userId != CompanyConstants.SYSTEM) {
2017
2018
2019
2020
2021
2022 user = userPersistence.findByPrimaryKey(userId);
2023
2024 Set<Organization> mandatoryOrganizations =
2025 MembershipPolicyUtil.getMandatoryOrganizations(user);
2026
2027 List<Organization> oldOrganizations =
2028 organizationLocalService.getUserOrganizations(userId);
2029
2030 oldOrganizationIds = new long[oldOrganizations.size()];
2031
2032 for (int i = 0; i < oldOrganizations.size(); i++) {
2033 Organization organization = oldOrganizations.get(i);
2034
2035 if (!ArrayUtil.contains(
2036 organizationIds, organization.getOrganizationId()) &&
2037 (!OrganizationPermissionUtil.contains(
2038 permissionChecker, organization.getOrganizationId(),
2039 ActionKeys.ASSIGN_MEMBERS) ||
2040 MembershipPolicyUtil.isMembershipProtected(
2041 permissionChecker, organization, user) ||
2042 mandatoryOrganizations.contains(organization))) {
2043
2044 organizationIds = ArrayUtil.append(
2045 organizationIds, organization.getOrganizationId());
2046 }
2047
2048 oldOrganizationIds[i] = organization.getOrganizationId();
2049 }
2050 }
2051
2052
2053
2054
2055 MembershipPolicyException membershipPolicyException = null;
2056
2057 for (long organizationId : organizationIds) {
2058 if ((oldOrganizationIds != null) &&
2059 ArrayUtil.contains(oldOrganizationIds, organizationId)) {
2060
2061 continue;
2062 }
2063
2064 Organization organization =
2065 organizationPersistence.findByPrimaryKey(organizationId);
2066
2067 OrganizationPermissionUtil.check(
2068 permissionChecker, organization, ActionKeys.ASSIGN_MEMBERS);
2069
2070 if (user == null) {
2071 continue;
2072 }
2073
2074 if (MembershipPolicyUtil.isMembershipAllowed(organization, user)) {
2075 continue;
2076 }
2077
2078 if (membershipPolicyException == null) {
2079 membershipPolicyException = new MembershipPolicyException(
2080 MembershipPolicyException.
2081 ORGANIZATION_MEMBERSHIP_NOT_ALLOWED);
2082
2083 membershipPolicyException.addUser(user);
2084 }
2085
2086 membershipPolicyException.addOrganization(organization);
2087 }
2088
2089 if (membershipPolicyException != null) {
2090 throw membershipPolicyException;
2091 }
2092
2093 return organizationIds;
2094 }
2095
2096 protected long[] checkRoles(long userId, long[] roleIds)
2097 throws PortalException, SystemException {
2098
2099 long[] oldRoleIds = null;
2100
2101 PermissionChecker permissionChecker = getPermissionChecker();
2102
2103 User user = null;
2104
2105 if (userId != CompanyConstants.SYSTEM) {
2106
2107
2108
2109
2110
2111 user = userPersistence.findByPrimaryKey(userId);
2112
2113 Set<Role> mandatoryRoles = MembershipPolicyUtil.getMandatoryRoles(
2114 user);
2115
2116 List<Role> oldRoles = roleLocalService.getUserRoles(userId);
2117
2118 oldRoleIds = new long[oldRoles.size()];
2119
2120 for (int i = 0; i < oldRoles.size(); i++) {
2121 Role role = oldRoles.get(i);
2122
2123 if (!ArrayUtil.contains(roleIds, role.getRoleId()) &&
2124 (!RolePermissionUtil.contains(
2125 permissionChecker, role.getRoleId(),
2126 ActionKeys.ASSIGN_MEMBERS) ||
2127 mandatoryRoles.contains(role))) {
2128
2129 roleIds = ArrayUtil.append(roleIds, role.getRoleId());
2130 }
2131
2132 oldRoleIds[i] = role.getRoleId();
2133 }
2134 }
2135
2136
2137
2138
2139 MembershipPolicyException membershipPolicyException = null;
2140
2141 for (long roleId : roleIds) {
2142 if ((oldRoleIds != null) &&
2143 ArrayUtil.contains(oldRoleIds, roleId)) {
2144
2145 continue;
2146 }
2147
2148 Role role = rolePersistence.findByPrimaryKey(roleId);
2149
2150 RolePermissionUtil.check(
2151 permissionChecker, role.getRoleId(), ActionKeys.ASSIGN_MEMBERS);
2152
2153 if (user == null) {
2154 continue;
2155 }
2156
2157 if (MembershipPolicyUtil.isMembershipAllowed(role, user)) {
2158 continue;
2159 }
2160
2161 if (membershipPolicyException == null) {
2162 membershipPolicyException = new MembershipPolicyException(
2163 MembershipPolicyException.ROLE_MEMBERSHIP_NOT_ALLOWED);
2164
2165 membershipPolicyException.addUser(user);
2166 }
2167
2168 membershipPolicyException.addRole(role);
2169 }
2170
2171 if (membershipPolicyException != null) {
2172 throw membershipPolicyException;
2173 }
2174
2175 return roleIds;
2176 }
2177
2178 protected void checkSetRoleUsersMembershipPolicy(
2179 long roleId, long[] userIds)
2180 throws PortalException, SystemException {
2181
2182 List<Long> unsetUserIds = new ArrayList<Long>(userIds.length);
2183
2184 List<User> users = rolePersistence.getUsers(roleId);
2185
2186 for (User user : users) {
2187 if (!ArrayUtil.contains(userIds, user.getUserId())) {
2188 unsetUserIds.add(user.getUserId());
2189 }
2190 }
2191
2192 checkUnsetRoleUsersMembershipPolicy(
2193 roleId, ArrayUtil.toLongArray(unsetUserIds));
2194
2195 checkAddRoleUsersMembershipPolicy(roleId, userIds);
2196 }
2197
2198 protected void checkSetUserGroupUsersMembershipPolicy(
2199 long userGroupId, long[] userIds)
2200 throws PortalException, SystemException {
2201
2202 List<Long> unsetUserIds = new ArrayList<Long>(userIds.length);
2203
2204 List<User> users = userGroupPersistence.getUsers(userGroupId);
2205
2206 for (User user : users) {
2207 if (!ArrayUtil.contains(userIds, user.getUserId())) {
2208 unsetUserIds.add(user.getUserId());
2209 }
2210 }
2211
2212 checkUnsetUserGroupUsersMembershipPolicy(
2213 userGroupId, ArrayUtil.toLongArray(unsetUserIds));
2214
2215 checkAddUserGroupUsersMembershipPolicy(userGroupId, userIds);
2216 }
2217
2218 protected void checkUnsetGroupUsersMembershipPolicy(
2219 long groupId, long[] userIds)
2220 throws PortalException, SystemException {
2221
2222 MembershipPolicyException membershipPolicyException = null;
2223
2224 Group group = groupPersistence.findByPrimaryKey(groupId);
2225
2226 for (long userId : userIds) {
2227 User user = userPersistence.findByPrimaryKey(userId);
2228
2229 Set<Group> mandatoryGroups =
2230 MembershipPolicyUtil.getMandatoryGroups(user);
2231
2232 if (!mandatoryGroups.contains(group)) {
2233 continue;
2234 }
2235
2236 if (membershipPolicyException == null) {
2237 membershipPolicyException = new MembershipPolicyException(
2238 MembershipPolicyException.GROUP_MEMBERSHIP_REQUIRED);
2239
2240 membershipPolicyException.addGroup(group);
2241 }
2242
2243 membershipPolicyException.addUser(user);
2244 }
2245
2246 if (membershipPolicyException != null) {
2247 throw membershipPolicyException;
2248 }
2249 }
2250
2251 protected void checkUnsetOrganizationUsersMembershipPolicy(
2252 long organizationId, long[] userIds)
2253 throws PortalException, SystemException {
2254
2255 MembershipPolicyException membershipPolicyException = null;
2256
2257 Organization organization = organizationPersistence.findByPrimaryKey(
2258 organizationId);
2259
2260 for (long userId : userIds) {
2261 User user = userPersistence.findByPrimaryKey(userId);
2262
2263 Set<Organization> mandatoryOrganizations =
2264 MembershipPolicyUtil.getMandatoryOrganizations(user);
2265
2266 if (!mandatoryOrganizations.contains(organization)) {
2267 continue;
2268 }
2269
2270 if (membershipPolicyException == null) {
2271 membershipPolicyException = new MembershipPolicyException(
2272 MembershipPolicyException.
2273 ORGANIZATION_MEMBERSHIP_REQUIRED);
2274
2275 membershipPolicyException.addOrganization(organization);
2276 }
2277
2278 membershipPolicyException.addUser(user);
2279 }
2280
2281 if (membershipPolicyException != null) {
2282 throw membershipPolicyException;
2283 }
2284 }
2285
2286 protected void checkUnsetRoleUsersMembershipPolicy(
2287 long roleId, long[] userIds)
2288 throws PortalException, SystemException {
2289
2290 MembershipPolicyException membershipPolicyException = null;
2291
2292 Role role = rolePersistence.findByPrimaryKey(roleId);
2293
2294 for (long userId : userIds) {
2295 User user = userPersistence.findByPrimaryKey(userId);
2296
2297 Set<Role> mandatoryRoles = MembershipPolicyUtil.getMandatoryRoles(
2298 user);
2299
2300 if (!mandatoryRoles.contains(role)) {
2301 continue;
2302 }
2303
2304 if (membershipPolicyException == null) {
2305 membershipPolicyException = new MembershipPolicyException(
2306 MembershipPolicyException.ROLE_MEMBERSHIP_REQUIRED);
2307
2308 membershipPolicyException.addRole(role);
2309 }
2310
2311 membershipPolicyException.addUser(user);
2312 }
2313
2314 if (membershipPolicyException != null) {
2315 throw membershipPolicyException;
2316 }
2317 }
2318
2319 protected void checkUnsetUserGroupUsersMembershipPolicy(
2320 long userGroupId, long[] userIds)
2321 throws PortalException, SystemException {
2322
2323 MembershipPolicyException membershipPolicyException = null;
2324
2325 UserGroup userGroup = userGroupPersistence.findByPrimaryKey(
2326 userGroupId);
2327
2328 for (long userId : userIds) {
2329 User user = userPersistence.findByPrimaryKey(userId);
2330
2331 Set<UserGroup> mandatoryUserGroups =
2332 MembershipPolicyUtil.getMandatoryUserGroups(user);
2333
2334 if (!mandatoryUserGroups.contains(userGroup)) {
2335 continue;
2336 }
2337
2338 if (membershipPolicyException == null) {
2339 membershipPolicyException = new MembershipPolicyException(
2340 MembershipPolicyException. USER_GROUP_MEMBERSHIP_REQUIRED);
2341
2342 membershipPolicyException.addUserGroup(userGroup);
2343 }
2344
2345 membershipPolicyException.addUser(user);
2346 }
2347
2348 if (membershipPolicyException != null) {
2349 throw membershipPolicyException;
2350 }
2351 }
2352
2353 protected long[] checkUserGroupIds(long userId, long[] userGroupIds)
2354 throws PortalException, SystemException {
2355
2356 long[] oldUserGroupIds = null;
2357
2358 PermissionChecker permissionChecker = getPermissionChecker();
2359
2360 User user = null;
2361
2362 if (userId != CompanyConstants.SYSTEM) {
2363
2364
2365
2366
2367 user = userPersistence.findByPrimaryKey(userId);
2368
2369 Set<UserGroup> mandatoryUserGroups =
2370 MembershipPolicyUtil.getMandatoryUserGroups(user);
2371
2372 List<UserGroup> oldUserGroups =
2373 userGroupLocalService.getUserUserGroups(userId);
2374
2375 oldUserGroupIds = new long[oldUserGroups.size()];
2376
2377 for (int i = 0; i < oldUserGroups.size(); i++) {
2378 UserGroup userGroup = oldUserGroups.get(i);
2379
2380 if (!ArrayUtil.contains(
2381 userGroupIds, userGroup.getUserGroupId()) &&
2382 (!UserGroupPermissionUtil.contains(
2383 permissionChecker, userGroup.getUserGroupId(),
2384 ActionKeys.ASSIGN_MEMBERS) ||
2385 mandatoryUserGroups.contains(userGroup))) {
2386
2387 userGroupIds = ArrayUtil.append(
2388 userGroupIds, userGroup.getUserGroupId());
2389 }
2390
2391 oldUserGroupIds[i] = userGroup.getUserGroupId();
2392 }
2393 }
2394
2395 MembershipPolicyException membershipPolicyException = null;
2396
2397
2398
2399
2400 for (long userGroupId : userGroupIds) {
2401 if ((oldUserGroupIds == null) ||
2402 !ArrayUtil.contains(oldUserGroupIds, userGroupId)) {
2403
2404 UserGroupPermissionUtil.check(
2405 permissionChecker, userGroupId, ActionKeys.ASSIGN_MEMBERS);
2406
2407 UserGroup userGroup = userGroupPersistence.findByPrimaryKey(
2408 userGroupId);
2409
2410 if (!MembershipPolicyUtil.isMembershipAllowed(
2411 userGroup, user)) {
2412
2413 if (membershipPolicyException == null) {
2414 membershipPolicyException =
2415 new MembershipPolicyException(
2416 MembershipPolicyException.
2417 USER_GROUP_MEMBERSHIP_NOT_ALLOWED);
2418
2419 membershipPolicyException.addUser(user);
2420 }
2421
2422 membershipPolicyException.addUserGroup(userGroup);
2423 }
2424 }
2425 }
2426
2427 if (membershipPolicyException != null) {
2428 throw membershipPolicyException;
2429 }
2430
2431 return userGroupIds;
2432 }
2433
2434 protected List<UserGroupRole> checkUserGroupRoles(
2435 long userId, List<UserGroupRole> userGroupRoles)
2436 throws PortalException, SystemException {
2437
2438 List<UserGroupRole> oldUserGroupRoles = null;
2439
2440 PermissionChecker permissionChecker = getPermissionChecker();
2441
2442 User user = userPersistence.findByPrimaryKey(userId);
2443
2444 if (userId != CompanyConstants.SYSTEM) {
2445
2446
2447
2448
2449 Set<Role> mandatoryRoles = MembershipPolicyUtil.getMandatoryRoles(
2450 user.getGroup(), user);
2451
2452 oldUserGroupRoles = userGroupRoleLocalService.getUserGroupRoles(
2453 userId);
2454
2455 for (UserGroupRole oldUserGroupRole : oldUserGroupRoles) {
2456 Role role = oldUserGroupRole.getRole();
2457
2458 if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
2459 Group group = oldUserGroupRole.getGroup();
2460
2461 Organization organization =
2462 organizationPersistence.findByPrimaryKey(
2463 group.getOrganizationId());
2464
2465 Set<Role> mandatoryOrganizationRoles =
2466 MembershipPolicyUtil.getMandatoryRoles(
2467 organization, user);
2468
2469 if (!userGroupRoles.contains(oldUserGroupRole) &&
2470 (!UserGroupRolePermissionUtil.contains(
2471 permissionChecker, oldUserGroupRole.getGroupId(),
2472 oldUserGroupRole.getRoleId()) ||
2473 MembershipPolicyUtil.isMembershipProtected(
2474 getPermissionChecker(),
2475 oldUserGroupRole.getGroup(), role, user) ||
2476 mandatoryOrganizationRoles.contains(role))) {
2477
2478 userGroupRoles.add(oldUserGroupRole);
2479 }
2480 }
2481 else if (role.getType() == RoleConstants.TYPE_SITE) {
2482 if (!userGroupRoles.contains(oldUserGroupRole) &&
2483 (!UserGroupRolePermissionUtil.contains(
2484 permissionChecker, oldUserGroupRole.getGroupId(),
2485 oldUserGroupRole.getRoleId()) ||
2486 MembershipPolicyUtil.isMembershipProtected(
2487 getPermissionChecker(),
2488 oldUserGroupRole.getGroup(), role, user) ||
2489 mandatoryRoles.contains(role))) {
2490
2491 userGroupRoles.add(oldUserGroupRole);
2492 }
2493 }
2494 }
2495 }
2496
2497 MembershipPolicyException membershipPolicyException = null;
2498
2499
2500
2501
2502 for (UserGroupRole userGroupRole : userGroupRoles) {
2503 Role role = userGroupRole.getRole();
2504
2505 if ((oldUserGroupRoles == null) ||
2506 !oldUserGroupRoles.contains(userGroupRole)) {
2507
2508 UserGroupRolePermissionUtil.check(
2509 permissionChecker, userGroupRole.getGroupId(),
2510 userGroupRole.getRoleId());
2511
2512 if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
2513 Group group = userGroupRole.getGroup();
2514
2515 long organizationId = group.getOrganizationId();
2516
2517 Organization organization =
2518 organizationPersistence.findByPrimaryKey(
2519 organizationId);
2520
2521 if (!MembershipPolicyUtil.isMembershipAllowed(
2522 organization, role, user)) {
2523
2524 if (membershipPolicyException == null) {
2525 membershipPolicyException =
2526 new MembershipPolicyException(
2527 MembershipPolicyException.
2528 ROLE_MEMBERSHIP_NOT_ALLOWED);
2529
2530 membershipPolicyException.addUser(user);
2531 }
2532
2533 membershipPolicyException.addRole(role);
2534 }
2535 }
2536 else if (role.getType() == RoleConstants.TYPE_SITE) {
2537 if (!MembershipPolicyUtil.isMembershipAllowed(
2538 userGroupRole.getGroup(), role, user)) {
2539
2540 if (membershipPolicyException == null) {
2541 membershipPolicyException =
2542 new MembershipPolicyException(
2543 MembershipPolicyException.
2544 ROLE_MEMBERSHIP_NOT_ALLOWED);
2545
2546 membershipPolicyException.addUser(user);
2547 }
2548
2549 membershipPolicyException.addRole(role);
2550 }
2551 }
2552 }
2553 }
2554
2555 if (membershipPolicyException != null) {
2556 throw membershipPolicyException;
2557 }
2558
2559 return userGroupRoles;
2560 }
2561
2562 protected void updateAnnouncementsDeliveries(
2563 long userId, List<AnnouncementsDelivery> announcementsDeliveries)
2564 throws PortalException, SystemException {
2565
2566 for (AnnouncementsDelivery announcementsDelivery :
2567 announcementsDeliveries) {
2568
2569 announcementsDeliveryService.updateDelivery(
2570 userId, announcementsDelivery.getType(),
2571 announcementsDelivery.getEmail(),
2572 announcementsDelivery.getSms(),
2573 announcementsDelivery.getWebsite());
2574 }
2575 }
2576
2577 protected void validateEmailAddress(User user, String emailAddress)
2578 throws PortalException, SystemException {
2579
2580 PermissionChecker permissionChecker = getPermissionChecker();
2581
2582 if (!UsersAdminUtil.hasUpdateEmailAddress(permissionChecker, user)) {
2583 throw new UserEmailAddressException();
2584 }
2585
2586 if (!user.hasCompanyMx() && user.hasCompanyMx(emailAddress)) {
2587 Company company = companyPersistence.findByPrimaryKey(
2588 user.getCompanyId());
2589
2590 if (!company.isStrangersWithMx()) {
2591 throw new ReservedUserEmailAddressException();
2592 }
2593 }
2594 }
2595
2596 protected void validateOrganizationUsers(long[] userIds)
2597 throws PortalException, SystemException {
2598
2599 PermissionChecker permissionChecker = getPermissionChecker();
2600
2601 if (!PropsValues.ORGANIZATIONS_ASSIGNMENT_STRICT ||
2602 permissionChecker.isCompanyAdmin()) {
2603
2604 return;
2605 }
2606
2607 for (long userId : userIds) {
2608 boolean allowed = false;
2609
2610 List<Organization> organizations =
2611 organizationLocalService.getUserOrganizations(userId);
2612
2613 for (Organization organization : organizations) {
2614 if (OrganizationPermissionUtil.contains(
2615 permissionChecker, organization,
2616 ActionKeys.MANAGE_USERS)) {
2617
2618 allowed = true;
2619
2620 break;
2621 }
2622 }
2623
2624 if (!allowed) {
2625 throw new PrincipalException();
2626 }
2627 }
2628 }
2629
2630 protected void validateScreenName(User user, String screenName)
2631 throws PortalException, SystemException {
2632
2633 PermissionChecker permissionChecker = getPermissionChecker();
2634
2635 if (!UsersAdminUtil.hasUpdateScreenName(permissionChecker, user)) {
2636 throw new UserScreenNameException();
2637 }
2638 }
2639
2640 }