001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.RequiredUserException;
018 import com.liferay.portal.ReservedUserEmailAddressException;
019 import com.liferay.portal.UserEmailAddressException;
020 import com.liferay.portal.UserScreenNameException;
021 import com.liferay.portal.kernel.exception.PortalException;
022 import com.liferay.portal.kernel.exception.SystemException;
023 import com.liferay.portal.kernel.search.Indexer;
024 import com.liferay.portal.kernel.search.IndexerRegistryUtil;
025 import com.liferay.portal.kernel.util.ArrayUtil;
026 import com.liferay.portal.kernel.util.ListUtil;
027 import com.liferay.portal.kernel.util.ParamUtil;
028 import com.liferay.portal.kernel.workflow.WorkflowConstants;
029 import com.liferay.portal.kernel.workflow.WorkflowThreadLocal;
030 import com.liferay.portal.model.Address;
031 import com.liferay.portal.model.Company;
032 import com.liferay.portal.model.CompanyConstants;
033 import com.liferay.portal.model.Contact;
034 import com.liferay.portal.model.EmailAddress;
035 import com.liferay.portal.model.Group;
036 import com.liferay.portal.model.GroupConstants;
037 import com.liferay.portal.model.Organization;
038 import com.liferay.portal.model.Phone;
039 import com.liferay.portal.model.Role;
040 import com.liferay.portal.model.RoleConstants;
041 import com.liferay.portal.model.User;
042 import com.liferay.portal.model.UserGroup;
043 import com.liferay.portal.model.UserGroupRole;
044 import com.liferay.portal.model.Website;
045 import com.liferay.portal.security.auth.PrincipalException;
046 import com.liferay.portal.security.membershippolicy.OrganizationMembershipPolicyUtil;
047 import com.liferay.portal.security.membershippolicy.RoleMembershipPolicyUtil;
048 import com.liferay.portal.security.membershippolicy.SiteMembershipPolicyUtil;
049 import com.liferay.portal.security.membershippolicy.UserGroupMembershipPolicyUtil;
050 import com.liferay.portal.security.permission.ActionKeys;
051 import com.liferay.portal.security.permission.PermissionChecker;
052 import com.liferay.portal.service.ServiceContext;
053 import com.liferay.portal.service.base.UserServiceBaseImpl;
054 import com.liferay.portal.service.permission.GroupPermissionUtil;
055 import com.liferay.portal.service.permission.OrganizationPermissionUtil;
056 import com.liferay.portal.service.permission.PasswordPolicyPermissionUtil;
057 import com.liferay.portal.service.permission.PortalPermissionUtil;
058 import com.liferay.portal.service.permission.RolePermissionUtil;
059 import com.liferay.portal.service.permission.TeamPermissionUtil;
060 import com.liferay.portal.service.permission.UserGroupPermissionUtil;
061 import com.liferay.portal.service.permission.UserGroupRolePermissionUtil;
062 import com.liferay.portal.service.permission.UserPermissionUtil;
063 import com.liferay.portal.util.PropsValues;
064 import com.liferay.portlet.announcements.model.AnnouncementsDelivery;
065 import com.liferay.portlet.usersadmin.util.UsersAdminUtil;
066
067 import java.util.ArrayList;
068 import java.util.List;
069 import java.util.Locale;
070
071
081 public class UserServiceImpl extends UserServiceBaseImpl {
082
083
096 public void addGroupUsers(
097 long groupId, long[] userIds, ServiceContext serviceContext)
098 throws PortalException, SystemException {
099
100 if (userIds.length == 0) {
101 return;
102 }
103
104 try {
105 GroupPermissionUtil.check(
106 getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
107 }
108 catch (PrincipalException pe) {
109
110
111
112 boolean hasPermission = false;
113
114 if (userIds.length == 1) {
115 User user = getUser();
116
117 if (user.getUserId() == userIds[0]) {
118 Group group = groupPersistence.findByPrimaryKey(groupId);
119
120 if (user.getCompanyId() == group.getCompanyId()) {
121 int type = group.getType();
122
123 if (type == GroupConstants.TYPE_SITE_OPEN) {
124 hasPermission = true;
125 }
126 }
127 }
128 }
129
130 if (!hasPermission) {
131 throw new PrincipalException();
132 }
133 }
134
135 SiteMembershipPolicyUtil.checkMembership(
136 userIds, new long[] {groupId}, null);
137
138 userLocalService.addGroupUsers(groupId, userIds);
139
140 SiteMembershipPolicyUtil.propagateMembership(
141 userIds, new long[] {groupId}, null);
142 }
143
144
156 public void addOrganizationUsers(long organizationId, long[] userIds)
157 throws PortalException, SystemException {
158
159 if (userIds.length == 0) {
160 return;
161 }
162
163 OrganizationPermissionUtil.check(
164 getPermissionChecker(), organizationId, ActionKeys.ASSIGN_MEMBERS);
165
166 validateOrganizationUsers(userIds);
167
168 OrganizationMembershipPolicyUtil.checkMembership(
169 userIds, new long[] {organizationId}, null);
170
171 userLocalService.addOrganizationUsers(organizationId, userIds);
172
173 OrganizationMembershipPolicyUtil.propagateMembership(
174 userIds, new long[] {organizationId}, null);
175
176 }
177
178
188 public void addPasswordPolicyUsers(long passwordPolicyId, long[] userIds)
189 throws PortalException, SystemException {
190
191 if (userIds.length == 0) {
192 return;
193 }
194
195 PasswordPolicyPermissionUtil.check(
196 getPermissionChecker(), passwordPolicyId,
197 ActionKeys.ASSIGN_MEMBERS);
198
199 userLocalService.addPasswordPolicyUsers(passwordPolicyId, userIds);
200 }
201
202
213 public void addRoleUsers(long roleId, long[] userIds)
214 throws PortalException, SystemException {
215
216 if (userIds.length == 0) {
217 return;
218 }
219
220 RolePermissionUtil.check(
221 getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
222
223 RoleMembershipPolicyUtil.checkRoles(userIds, new long[] {roleId}, null);
224
225 userLocalService.addRoleUsers(roleId, userIds);
226
227 RoleMembershipPolicyUtil.propagateRoles(
228 userIds, new long[] {roleId}, null);
229 }
230
231
241 public void addTeamUsers(long teamId, long[] userIds)
242 throws PortalException, SystemException {
243
244 if (userIds.length == 0) {
245 return;
246 }
247
248 TeamPermissionUtil.check(
249 getPermissionChecker(), teamId, ActionKeys.ASSIGN_MEMBERS);
250
251 userLocalService.addTeamUsers(teamId, userIds);
252 }
253
254
304 public User addUser(
305 long companyId, boolean autoPassword, String password1,
306 String password2, boolean autoScreenName, String screenName,
307 String emailAddress, long facebookId, String openId, Locale locale,
308 String firstName, String middleName, String lastName, int prefixId,
309 int suffixId, boolean male, int birthdayMonth, int birthdayDay,
310 int birthdayYear, String jobTitle, long[] groupIds,
311 long[] organizationIds, long[] roleIds, long[] userGroupIds,
312 boolean sendEmail, ServiceContext serviceContext)
313 throws PortalException, SystemException {
314
315 boolean workflowEnabled = WorkflowThreadLocal.isEnabled();
316
317 try {
318 WorkflowThreadLocal.setEnabled(false);
319
320 return addUserWithWorkflow(
321 companyId, autoPassword, password1, password2, autoScreenName,
322 screenName, emailAddress, facebookId, openId, locale, firstName,
323 middleName, lastName, prefixId, suffixId, male, birthdayMonth,
324 birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
325 roleIds, userGroupIds, sendEmail, serviceContext);
326 }
327 finally {
328 WorkflowThreadLocal.setEnabled(workflowEnabled);
329 }
330 }
331
332
387 public User addUser(
388 long companyId, boolean autoPassword, String password1,
389 String password2, boolean autoScreenName, String screenName,
390 String emailAddress, long facebookId, String openId, Locale locale,
391 String firstName, String middleName, String lastName, int prefixId,
392 int suffixId, boolean male, int birthdayMonth, int birthdayDay,
393 int birthdayYear, String jobTitle, long[] groupIds,
394 long[] organizationIds, long[] roleIds, long[] userGroupIds,
395 List<Address> addresses, List<EmailAddress> emailAddresses,
396 List<Phone> phones, List<Website> websites,
397 List<AnnouncementsDelivery> announcementsDelivers,
398 boolean sendEmail, ServiceContext serviceContext)
399 throws PortalException, SystemException {
400
401 boolean workflowEnabled = WorkflowThreadLocal.isEnabled();
402
403 try {
404 WorkflowThreadLocal.setEnabled(false);
405
406 return addUserWithWorkflow(
407 companyId, autoPassword, password1, password2, autoScreenName,
408 screenName, emailAddress, facebookId, openId, locale, firstName,
409 middleName, lastName, prefixId, suffixId, male, birthdayMonth,
410 birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
411 roleIds, userGroupIds, addresses, emailAddresses, phones,
412 websites, announcementsDelivers, sendEmail, serviceContext);
413 }
414 finally {
415 WorkflowThreadLocal.setEnabled(workflowEnabled);
416 }
417 }
418
419
430 public void addUserGroupUsers(long userGroupId, long[] userIds)
431 throws PortalException, SystemException {
432
433 if (userIds.length == 0) {
434 return;
435 }
436
437 UserGroupPermissionUtil.check(
438 getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
439
440 UserGroupMembershipPolicyUtil.checkMembership(
441 userIds, new long[] {userGroupId}, null);
442
443 userLocalService.addUserGroupUsers(userGroupId, userIds);
444
445 UserGroupMembershipPolicyUtil.propagateMembership(
446 userIds, new long[] {userGroupId}, null);
447 }
448
449
499 public User addUserWithWorkflow(
500 long companyId, boolean autoPassword, String password1,
501 String password2, boolean autoScreenName, String screenName,
502 String emailAddress, long facebookId, String openId, Locale locale,
503 String firstName, String middleName, String lastName, int prefixId,
504 int suffixId, boolean male, int birthdayMonth, int birthdayDay,
505 int birthdayYear, String jobTitle, long[] groupIds,
506 long[] organizationIds, long[] roleIds, long[] userGroupIds,
507 boolean sendEmail, ServiceContext serviceContext)
508 throws PortalException, SystemException {
509
510 long creatorUserId = 0;
511
512 try {
513 creatorUserId = getGuestOrUserId();
514 }
515 catch (PrincipalException pe) {
516 }
517
518 checkAddUserPermission(
519 creatorUserId, companyId, emailAddress, groupIds, organizationIds,
520 roleIds, userGroupIds, serviceContext);
521
522 User user = userLocalService.addUserWithWorkflow(
523 creatorUserId, companyId, autoPassword, password1, password2,
524 autoScreenName, screenName, emailAddress, facebookId, openId,
525 locale, firstName, middleName, lastName, prefixId, suffixId, male,
526 birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
527 organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
528
529 checkMembership(
530 new long[] {user.getUserId()}, groupIds, organizationIds, roleIds,
531 userGroupIds);
532
533 propagateMembership(
534 new long[]{user.getUserId()}, groupIds, organizationIds, roleIds,
535 userGroupIds);
536
537 return user;
538 }
539
540
595 public User addUserWithWorkflow(
596 long companyId, boolean autoPassword, String password1,
597 String password2, boolean autoScreenName, String screenName,
598 String emailAddress, long facebookId, String openId, Locale locale,
599 String firstName, String middleName, String lastName, int prefixId,
600 int suffixId, boolean male, int birthdayMonth, int birthdayDay,
601 int birthdayYear, String jobTitle, long[] groupIds,
602 long[] organizationIds, long[] roleIds, long[] userGroupIds,
603 List<Address> addresses, List<EmailAddress> emailAddresses,
604 List<Phone> phones, List<Website> websites,
605 List<AnnouncementsDelivery> announcementsDelivers,
606 boolean sendEmail, ServiceContext serviceContext)
607 throws PortalException, SystemException {
608
609 boolean indexingEnabled = serviceContext.isIndexingEnabled();
610
611 serviceContext.setIndexingEnabled(false);
612
613 try {
614 User user = addUserWithWorkflow(
615 companyId, autoPassword, password1, password2, autoScreenName,
616 screenName, emailAddress, facebookId, openId, locale, firstName,
617 middleName, lastName, prefixId, suffixId, male, birthdayMonth,
618 birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
619 roleIds, userGroupIds, sendEmail, serviceContext);
620
621 UsersAdminUtil.updateAddresses(
622 Contact.class.getName(), user.getContactId(), addresses);
623
624 UsersAdminUtil.updateEmailAddresses(
625 Contact.class.getName(), user.getContactId(), emailAddresses);
626
627 UsersAdminUtil.updatePhones(
628 Contact.class.getName(), user.getContactId(), phones);
629
630 UsersAdminUtil.updateWebsites(
631 Contact.class.getName(), user.getContactId(), websites);
632
633 updateAnnouncementsDeliveries(
634 user.getUserId(), announcementsDelivers);
635
636 if (indexingEnabled) {
637 Indexer indexer = IndexerRegistryUtil.nullSafeGetIndexer(
638 User.class);
639
640 indexer.reindex(user);
641 }
642
643 return user;
644 }
645 finally {
646 serviceContext.setIndexingEnabled(indexingEnabled);
647 }
648 }
649
650
659 public void deletePortrait(long userId)
660 throws PortalException, SystemException {
661
662 UserPermissionUtil.check(
663 getPermissionChecker(), userId, ActionKeys.UPDATE);
664
665 userLocalService.deletePortrait(userId);
666 }
667
668
678 public void deleteRoleUser(long roleId, long userId)
679 throws PortalException, SystemException {
680
681 RolePermissionUtil.check(
682 getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
683
684 userLocalService.deleteRoleUser(roleId, userId);
685 }
686
687
695 public void deleteUser(long userId)
696 throws PortalException, SystemException {
697
698 if (getUserId() == userId) {
699 throw new RequiredUserException();
700 }
701
702 UserPermissionUtil.check(
703 getPermissionChecker(), userId, ActionKeys.DELETE);
704
705 userLocalService.deleteUser(userId);
706 }
707
708 public List<User> getCompanyUsers(long companyId, int start, int end)
709 throws PortalException, SystemException {
710
711 PermissionChecker permissionChecker = getPermissionChecker();
712
713 if (!permissionChecker.isCompanyAdmin(companyId)) {
714 throw new PrincipalException();
715 }
716
717 return userPersistence.findByCompanyId(companyId, start, end);
718 }
719
720 public int getCompanyUsersCount(long companyId)
721 throws PortalException, SystemException {
722
723 PermissionChecker permissionChecker = getPermissionChecker();
724
725 if (!permissionChecker.isCompanyAdmin(companyId)) {
726 throw new PrincipalException();
727 }
728
729 return userPersistence.countByCompanyId(companyId);
730 }
731
732
741 public long[] getGroupUserIds(long groupId)
742 throws PortalException, SystemException {
743
744 GroupPermissionUtil.check(
745 getPermissionChecker(), groupId, ActionKeys.VIEW_MEMBERS);
746
747 return userLocalService.getGroupUserIds(groupId);
748 }
749
750
759 public List<User> getGroupUsers(long groupId)
760 throws PortalException, SystemException {
761
762 GroupPermissionUtil.check(
763 getPermissionChecker(), groupId, ActionKeys.VIEW_MEMBERS);
764
765 return userLocalService.getGroupUsers(groupId);
766 }
767
768
777 public long[] getOrganizationUserIds(long organizationId)
778 throws PortalException, SystemException {
779
780 OrganizationPermissionUtil.check(
781 getPermissionChecker(), organizationId, ActionKeys.VIEW_MEMBERS);
782
783 return userLocalService.getOrganizationUserIds(organizationId);
784 }
785
786
795 public List<User> getOrganizationUsers(long organizationId)
796 throws PortalException, SystemException {
797
798 OrganizationPermissionUtil.check(
799 getPermissionChecker(), organizationId, ActionKeys.VIEW_MEMBERS);
800
801 return userLocalService.getOrganizationUsers(organizationId);
802 }
803
804
813 public long[] getRoleUserIds(long roleId)
814 throws PortalException, SystemException {
815
816 RolePermissionUtil.check(
817 getPermissionChecker(), roleId, ActionKeys.VIEW);
818
819 return userLocalService.getRoleUserIds(roleId);
820 }
821
822
833 public User getUserByEmailAddress(long companyId, String emailAddress)
834 throws PortalException, SystemException {
835
836 User user = userLocalService.getUserByEmailAddress(
837 companyId, emailAddress);
838
839 UserPermissionUtil.check(
840 getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
841
842 return user;
843 }
844
845
854 public User getUserById(long userId)
855 throws PortalException, SystemException {
856
857 User user = userPersistence.findByPrimaryKey(userId);
858
859 UserPermissionUtil.check(
860 getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
861
862 return user;
863 }
864
865
875 public User getUserByScreenName(long companyId, String screenName)
876 throws PortalException, SystemException {
877
878 User user = userLocalService.getUserByScreenName(companyId, screenName);
879
880 UserPermissionUtil.check(
881 getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
882
883 return user;
884 }
885
886 public List<User> getUserGroupUsers(long userGroupId)
887 throws PortalException, SystemException {
888
889 UserGroupPermissionUtil.check(
890 getPermissionChecker(), userGroupId, ActionKeys.VIEW_MEMBERS);
891
892 return userGroupPersistence.getUsers(userGroupId);
893 }
894
895
905 public long getUserIdByEmailAddress(long companyId, String emailAddress)
906 throws PortalException, SystemException {
907
908 User user = getUserByEmailAddress(companyId, emailAddress);
909
910 UserPermissionUtil.check(
911 getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
912
913 return user.getUserId();
914 }
915
916
925 public long getUserIdByScreenName(long companyId, String screenName)
926 throws PortalException, SystemException {
927
928 User user = getUserByScreenName(companyId, screenName);
929
930 UserPermissionUtil.check(
931 getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
932
933 return user.getUserId();
934 }
935
936
947 public boolean hasGroupUser(long groupId, long userId)
948 throws PortalException, SystemException {
949
950 try {
951 UserPermissionUtil.check(
952 getPermissionChecker(), userId, ActionKeys.VIEW);
953 }
954 catch (PrincipalException e) {
955 GroupPermissionUtil.check(
956 getPermissionChecker(), groupId, ActionKeys.VIEW_MEMBERS);
957 }
958
959 return userLocalService.hasGroupUser(groupId, userId);
960 }
961
962
973 public boolean hasRoleUser(long roleId, long userId)
974 throws PortalException, SystemException {
975
976 try {
977 UserPermissionUtil.check(
978 getPermissionChecker(), userId, ActionKeys.VIEW);
979 }
980 catch (PrincipalException e) {
981 RolePermissionUtil.check(
982 getPermissionChecker(), roleId, ActionKeys.VIEW_MEMBERS);
983 }
984
985 return userLocalService.hasRoleUser(roleId, userId);
986 }
987
988
1003 public boolean hasRoleUser(
1004 long companyId, String name, long userId, boolean inherited)
1005 throws PortalException, SystemException {
1006
1007 try {
1008 UserPermissionUtil.check(
1009 getPermissionChecker(), userId, ActionKeys.VIEW);
1010 }
1011 catch (PrincipalException e) {
1012 Role role = roleLocalService.getRole(companyId, name);
1013
1014 RolePermissionUtil.check(
1015 getPermissionChecker(), role.getRoleId(),
1016 ActionKeys.VIEW_MEMBERS);
1017 }
1018
1019 return userLocalService.hasRoleUser(companyId, name, userId, inherited);
1020 }
1021
1022
1033 public void setRoleUsers(long roleId, long[] userIds)
1034 throws PortalException, SystemException {
1035
1036 RolePermissionUtil.check(
1037 getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
1038
1039 List<Long> unsetUserIds = new ArrayList<Long>(userIds.length);
1040
1041 List<User> users = rolePersistence.getUsers(roleId);
1042
1043 for (User user : users) {
1044 if (!ArrayUtil.contains(userIds, user.getUserId())) {
1045 unsetUserIds.add(user.getUserId());
1046 }
1047 }
1048
1049 if (!unsetUserIds.isEmpty()) {
1050 RoleMembershipPolicyUtil.checkRoles(
1051 ArrayUtil.toLongArray(unsetUserIds), null, new long[] {roleId});
1052 }
1053
1054 if (userIds.length > 0) {
1055 RoleMembershipPolicyUtil.checkRoles(
1056 userIds, new long[] {roleId}, null);
1057 }
1058
1059 userLocalService.setRoleUsers(roleId, userIds);
1060
1061 if (!unsetUserIds.isEmpty()) {
1062 RoleMembershipPolicyUtil.propagateRoles(
1063 ArrayUtil.toLongArray(unsetUserIds), null, new long[] {roleId});
1064 }
1065
1066 if (userIds.length > 0) {
1067 RoleMembershipPolicyUtil.propagateRoles(
1068 userIds, new long[] {roleId}, null);
1069 }
1070 }
1071
1072
1082 public void setUserGroupUsers(long userGroupId, long[] userIds)
1083 throws PortalException, SystemException {
1084
1085 UserGroupPermissionUtil.check(
1086 getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
1087
1088 List<Long> unsetUserIds = new ArrayList<Long>(userIds.length);
1089
1090 List<User> users = userGroupPersistence.getUsers(userGroupId);
1091
1092 for (User user : users) {
1093 if (!ArrayUtil.contains(userIds, user.getUserId())) {
1094 unsetUserIds.add(user.getUserId());
1095 }
1096 }
1097
1098 if (!unsetUserIds.isEmpty()) {
1099 UserGroupMembershipPolicyUtil.checkMembership(
1100 ArrayUtil.toLongArray(unsetUserIds), null,
1101 new long[] {userGroupId});
1102 }
1103
1104 if (userIds.length > 0) {
1105 UserGroupMembershipPolicyUtil.checkMembership(
1106 userIds, new long[] {userGroupId}, null);
1107 }
1108
1109 userLocalService.setUserGroupUsers(userGroupId, userIds);
1110
1111 if (!unsetUserIds.isEmpty()) {
1112 UserGroupMembershipPolicyUtil.propagateMembership(
1113 ArrayUtil.toLongArray(unsetUserIds), null,
1114 new long[] {userGroupId});
1115 }
1116
1117 if (userIds.length > 0) {
1118 UserGroupMembershipPolicyUtil.propagateMembership(
1119 userIds, new long[] {userGroupId}, null);
1120 }
1121 }
1122
1123
1132 public void unsetGroupTeamsUsers(long groupId, long[] userIds)
1133 throws PortalException, SystemException {
1134
1135 if (userIds.length == 0) {
1136 return;
1137 }
1138
1139 UserGroupPermissionUtil.check(
1140 getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
1141
1142 userLocalService.unsetGroupTeamsUsers(groupId, userIds);
1143 }
1144
1145
1157 public void unsetGroupUsers(
1158 long groupId, long[] userIds, ServiceContext serviceContext)
1159 throws PortalException, SystemException {
1160
1161 userIds = UsersAdminUtil.filterUnsetGroupUserIds(
1162 getPermissionChecker(), groupId, userIds);
1163
1164 if (userIds.length == 0) {
1165 return;
1166 }
1167
1168 try {
1169 GroupPermissionUtil.check(
1170 getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
1171 }
1172 catch (PrincipalException pe) {
1173
1174
1175
1176 boolean hasPermission = false;
1177
1178 if (userIds.length == 1) {
1179 User user = getUser();
1180
1181 if (user.getUserId() == userIds[0]) {
1182 Group group = groupPersistence.findByPrimaryKey(groupId);
1183
1184 if (user.getCompanyId() == group.getCompanyId()) {
1185 int type = group.getType();
1186
1187 if ((type == GroupConstants.TYPE_SITE_OPEN) ||
1188 (type == GroupConstants.TYPE_SITE_RESTRICTED)) {
1189
1190 hasPermission = true;
1191 }
1192 }
1193 }
1194 }
1195
1196 if (!hasPermission) {
1197 throw new PrincipalException();
1198 }
1199 }
1200
1201 SiteMembershipPolicyUtil.checkMembership(
1202 userIds, null, new long[] {groupId});
1203
1204 userLocalService.unsetGroupUsers(groupId, userIds, serviceContext);
1205
1206 SiteMembershipPolicyUtil.propagateMembership(
1207 userIds, null, new long[] {groupId});
1208 }
1209
1210
1220 public void unsetOrganizationUsers(long organizationId, long[] userIds)
1221 throws PortalException, SystemException {
1222
1223 userIds = UsersAdminUtil.filterUnsetOrganizationUserIds(
1224 getPermissionChecker(), organizationId, userIds);
1225
1226 if (userIds.length == 0) {
1227 return;
1228 }
1229
1230 OrganizationPermissionUtil.check(
1231 getPermissionChecker(), organizationId, ActionKeys.ASSIGN_MEMBERS);
1232
1233 OrganizationMembershipPolicyUtil.checkMembership(
1234 userIds, null, new long[] {organizationId});
1235
1236 userLocalService.unsetOrganizationUsers(organizationId, userIds);
1237
1238 OrganizationMembershipPolicyUtil.propagateMembership(
1239 userIds, null, new long[] {organizationId});
1240 }
1241
1242
1251 public void unsetPasswordPolicyUsers(long passwordPolicyId, long[] userIds)
1252 throws PortalException, SystemException {
1253
1254 if (userIds.length == 0) {
1255 return;
1256 }
1257
1258 PasswordPolicyPermissionUtil.check(
1259 getPermissionChecker(), passwordPolicyId,
1260 ActionKeys.ASSIGN_MEMBERS);
1261
1262 userLocalService.unsetPasswordPolicyUsers(passwordPolicyId, userIds);
1263 }
1264
1265
1275 public void unsetRoleUsers(long roleId, long[] userIds)
1276 throws PortalException, SystemException {
1277
1278 if (userIds.length == 0) {
1279 return;
1280 }
1281
1282 RolePermissionUtil.check(
1283 getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
1284
1285 RoleMembershipPolicyUtil.checkRoles(userIds, null, new long[] {roleId});
1286
1287 userLocalService.unsetRoleUsers(roleId, userIds);
1288
1289 RoleMembershipPolicyUtil.propagateRoles(
1290 userIds, null, new long[] {roleId});
1291 }
1292
1293
1302 public void unsetTeamUsers(long teamId, long[] userIds)
1303 throws PortalException, SystemException {
1304
1305 if (userIds.length == 0) {
1306 return;
1307 }
1308
1309 TeamPermissionUtil.check(
1310 getPermissionChecker(), teamId, ActionKeys.ASSIGN_MEMBERS);
1311
1312 userLocalService.unsetTeamUsers(teamId, userIds);
1313 }
1314
1315
1325 public void unsetUserGroupUsers(long userGroupId, long[] userIds)
1326 throws PortalException, SystemException {
1327
1328 if (userIds.length == 0) {
1329 return;
1330 }
1331
1332 UserGroupPermissionUtil.check(
1333 getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
1334
1335 UserGroupMembershipPolicyUtil.checkMembership(
1336 userIds, null, new long[] {userGroupId});
1337
1338 userLocalService.unsetUserGroupUsers(userGroupId, userIds);
1339
1340 UserGroupMembershipPolicyUtil.propagateMembership(
1341 userIds, null, new long[] {userGroupId});
1342 }
1343
1344
1354 public User updateAgreedToTermsOfUse(
1355 long userId, boolean agreedToTermsOfUse)
1356 throws PortalException, SystemException {
1357
1358 UserPermissionUtil.check(
1359 getPermissionChecker(), userId, ActionKeys.UPDATE);
1360
1361 return userLocalService.updateAgreedToTermsOfUse(
1362 userId, agreedToTermsOfUse);
1363 }
1364
1365
1380 public User updateEmailAddress(
1381 long userId, String password, String emailAddress1,
1382 String emailAddress2, ServiceContext serviceContext)
1383 throws PortalException, SystemException {
1384
1385 UserPermissionUtil.check(
1386 getPermissionChecker(), userId, ActionKeys.UPDATE);
1387
1388 return userLocalService.updateEmailAddress(
1389 userId, password, emailAddress1, emailAddress2, serviceContext);
1390 }
1391
1392
1431 public User updateIncompleteUser(
1432 long companyId, boolean autoPassword, String password1,
1433 String password2, boolean autoScreenName, String screenName,
1434 String emailAddress, long facebookId, String openId, Locale locale,
1435 String firstName, String middleName, String lastName, int prefixId,
1436 int suffixId, boolean male, int birthdayMonth, int birthdayDay,
1437 int birthdayYear, String jobTitle, boolean updateUserInformation,
1438 boolean sendEmail, ServiceContext serviceContext)
1439 throws PortalException, SystemException {
1440
1441 long creatorUserId = 0;
1442
1443 try {
1444 creatorUserId = getGuestOrUserId();
1445 }
1446 catch (PrincipalException pe) {
1447 }
1448
1449 checkAddUserPermission(
1450 creatorUserId, companyId, emailAddress, null, null, null, null,
1451 serviceContext);
1452
1453 return userLocalService.updateIncompleteUser(
1454 creatorUserId, companyId, autoPassword, password1, password2,
1455 autoScreenName, screenName, emailAddress, facebookId, openId,
1456 locale, firstName, middleName, lastName, prefixId, suffixId, male,
1457 birthdayMonth, birthdayDay, birthdayYear, jobTitle,
1458 updateUserInformation, sendEmail, serviceContext);
1459 }
1460
1461
1471 public User updateLockoutById(long userId, boolean lockout)
1472 throws PortalException, SystemException {
1473
1474 UserPermissionUtil.check(
1475 getPermissionChecker(), userId, ActionKeys.DELETE);
1476
1477 return userLocalService.updateLockoutById(userId, lockout);
1478 }
1479
1480
1490 public User updateOpenId(long userId, String openId)
1491 throws PortalException, SystemException {
1492
1493 UserPermissionUtil.check(
1494 getPermissionChecker(), userId, ActionKeys.UPDATE);
1495
1496 return userLocalService.updateOpenId(userId, openId);
1497 }
1498
1499
1511 public void updateOrganizations(
1512 long userId, long[] organizationIds, ServiceContext serviceContext)
1513 throws PortalException, SystemException {
1514
1515 UserPermissionUtil.check(
1516 getPermissionChecker(), userId, ActionKeys.UPDATE);
1517
1518 checkOrganizations(userId, organizationIds);
1519
1520 userLocalService.updateOrganizations(
1521 userId, organizationIds, serviceContext);
1522 }
1523
1524
1537 public User updatePassword(
1538 long userId, String password1, String password2,
1539 boolean passwordReset)
1540 throws PortalException, SystemException {
1541
1542 UserPermissionUtil.check(
1543 getPermissionChecker(), userId, ActionKeys.UPDATE);
1544
1545 return userLocalService.updatePassword(
1546 userId, password1, password2, passwordReset);
1547 }
1548
1549
1560 public User updatePortrait(long userId, byte[] bytes)
1561 throws PortalException, SystemException {
1562
1563 UserPermissionUtil.check(
1564 getPermissionChecker(), userId, ActionKeys.UPDATE);
1565
1566 return userLocalService.updatePortrait(userId, bytes);
1567 }
1568
1569
1581 public User updateReminderQuery(long userId, String question, String answer)
1582 throws PortalException, SystemException {
1583
1584 UserPermissionUtil.check(
1585 getPermissionChecker(), userId, ActionKeys.UPDATE);
1586
1587 return userLocalService.updateReminderQuery(userId, question, answer);
1588 }
1589
1590
1601 public User updateScreenName(long userId, String screenName)
1602 throws PortalException, SystemException {
1603
1604 UserPermissionUtil.check(
1605 getPermissionChecker(), userId, ActionKeys.UPDATE);
1606
1607 return userLocalService.updateScreenName(userId, screenName);
1608 }
1609
1610
1624 public User updateStatus(long userId, int status)
1625 throws PortalException, SystemException {
1626
1627 if ((getUserId() == userId) &&
1628 (status != WorkflowConstants.STATUS_APPROVED)) {
1629
1630 throw new RequiredUserException();
1631 }
1632
1633 UserPermissionUtil.check(
1634 getPermissionChecker(), userId, ActionKeys.DELETE);
1635
1636 return userLocalService.updateStatus(userId, status);
1637 }
1638
1639
1702 public User updateUser(
1703 long userId, String oldPassword, String newPassword1,
1704 String newPassword2, boolean passwordReset,
1705 String reminderQueryQuestion, String reminderQueryAnswer,
1706 String screenName, String emailAddress, long facebookId,
1707 String openId, String languageId, String timeZoneId,
1708 String greeting, String comments, String firstName,
1709 String middleName, String lastName, int prefixId, int suffixId,
1710 boolean male, int birthdayMonth, int birthdayDay, int birthdayYear,
1711 String smsSn, String aimSn, String facebookSn, String icqSn,
1712 String jabberSn, String msnSn, String mySpaceSn, String skypeSn,
1713 String twitterSn, String ymSn, String jobTitle, long[] groupIds,
1714 long[] organizationIds, long[] roleIds,
1715 List<UserGroupRole> userGroupRoles, long[] userGroupIds,
1716 List<Address> addresses, List<EmailAddress> emailAddresses,
1717 List<Phone> phones, List<Website> websites,
1718 List<AnnouncementsDelivery> announcementsDelivers,
1719 ServiceContext serviceContext)
1720 throws PortalException, SystemException {
1721
1722 UserPermissionUtil.check(
1723 getPermissionChecker(), userId, organizationIds, ActionKeys.UPDATE);
1724
1725 User user = userPersistence.findByPrimaryKey(userId);
1726
1727 if (addresses != null) {
1728 UsersAdminUtil.updateAddresses(
1729 Contact.class.getName(), user.getContactId(), addresses);
1730 }
1731
1732 if (emailAddresses != null) {
1733 UsersAdminUtil.updateEmailAddresses(
1734 Contact.class.getName(), user.getContactId(), emailAddresses);
1735 }
1736
1737 if (phones != null) {
1738 UsersAdminUtil.updatePhones(
1739 Contact.class.getName(), user.getContactId(), phones);
1740 }
1741
1742 if (websites != null) {
1743 UsersAdminUtil.updateWebsites(
1744 Contact.class.getName(), user.getContactId(), websites);
1745 }
1746
1747 if (announcementsDelivers != null) {
1748 updateAnnouncementsDeliveries(
1749 user.getUserId(), announcementsDelivers);
1750 }
1751
1752 long curUserId = getUserId();
1753
1754 if (curUserId == userId) {
1755 screenName = screenName.trim().toLowerCase();
1756
1757 if (!screenName.equalsIgnoreCase(user.getScreenName())) {
1758 validateScreenName(user, screenName);
1759 }
1760
1761 emailAddress = emailAddress.trim().toLowerCase();
1762
1763 if (!emailAddress.equalsIgnoreCase(user.getEmailAddress())) {
1764 validateEmailAddress(user, emailAddress);
1765 }
1766 }
1767
1768
1769
1770 long[] oldGroupIds = user.getGroupIds();
1771
1772 List<Long> addGroupIds = new ArrayList<Long>();
1773 List<Long> removeGroupIds = ListUtil.toList(oldGroupIds);
1774
1775 if (groupIds != null) {
1776 groupIds = checkGroups(userId, groupIds);
1777
1778 for (long groupId : groupIds) {
1779 if (ArrayUtil.contains(oldGroupIds, groupId)) {
1780 removeGroupIds.remove(groupId);
1781 }
1782 else {
1783 addGroupIds.add(groupId);
1784 }
1785 }
1786
1787 if (!addGroupIds.isEmpty() || !removeGroupIds.isEmpty()) {
1788 SiteMembershipPolicyUtil.checkMembership(
1789 new long[] {userId}, ArrayUtil.toLongArray(addGroupIds),
1790 ArrayUtil.toLongArray(removeGroupIds));
1791 }
1792 }
1793
1794
1795
1796 long[] oldOrganizationIds = user.getOrganizationIds();
1797
1798 List<Long> addOrganizationIds = new ArrayList<Long>();
1799 List<Long> removeOrganizationIds = ListUtil.toList(oldOrganizationIds);
1800
1801 if (organizationIds != null) {
1802 organizationIds = checkOrganizations(userId, organizationIds);
1803
1804 for (long organizationId : organizationIds) {
1805 if (ArrayUtil.contains(oldOrganizationIds, organizationId)) {
1806 removeOrganizationIds.remove(organizationId);
1807 }
1808 else {
1809 addOrganizationIds.add(organizationId);
1810 }
1811 }
1812
1813 if (!addOrganizationIds.isEmpty() ||
1814 !removeOrganizationIds.isEmpty()) {
1815
1816 OrganizationMembershipPolicyUtil.checkMembership(
1817 new long[] {userId},
1818 ArrayUtil.toLongArray(addOrganizationIds),
1819 ArrayUtil.toLongArray(removeOrganizationIds));
1820 }
1821 }
1822
1823
1824
1825 long[] oldRoleIds = user.getRoleIds();
1826
1827 List<Long> addRoleIds = new ArrayList<Long>();
1828 List<Long> removeRoleIds = ListUtil.toList(oldRoleIds);
1829
1830 if (roleIds != null) {
1831 roleIds = checkRoles(userId, roleIds);
1832
1833 for (long roleId : roleIds) {
1834 if (ArrayUtil.contains(oldRoleIds, roleId)) {
1835 removeRoleIds.remove(roleId);
1836 }
1837 else {
1838 addRoleIds.add(roleId);
1839 }
1840 }
1841
1842 if (!addRoleIds.isEmpty() || !removeRoleIds.isEmpty()) {
1843 RoleMembershipPolicyUtil.checkRoles(
1844 new long[] {userId}, ArrayUtil.toLongArray(addRoleIds),
1845 ArrayUtil.toLongArray(removeRoleIds));
1846 }
1847 }
1848
1849 List<UserGroupRole> oldOrganizationUserGroupRoles =
1850 new ArrayList<UserGroupRole>();
1851 List<UserGroupRole> oldSiteUserGroupRoles =
1852 new ArrayList<UserGroupRole>();
1853
1854 List<UserGroupRole> oldUserGroupRoles =
1855 userGroupRolePersistence.findByUserId(userId);
1856
1857 for (UserGroupRole oldUserGroupRole : oldUserGroupRoles) {
1858 Role role = oldUserGroupRole.getRole();
1859
1860 if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
1861 oldOrganizationUserGroupRoles.add(oldUserGroupRole);
1862 }
1863 else if (role.getType() == RoleConstants.TYPE_SITE) {
1864 oldSiteUserGroupRoles.add(oldUserGroupRole);
1865 }
1866 }
1867
1868 List<UserGroupRole> addOrganizationUserGroupRoles =
1869 new ArrayList<UserGroupRole>();
1870 List<UserGroupRole> removeOrganizationUserGroupRoles = ListUtil.copy(
1871 oldOrganizationUserGroupRoles);
1872 List<UserGroupRole> addSiteUserGroupRoles =
1873 new ArrayList<UserGroupRole>();
1874 List<UserGroupRole> removeSiteUserGroupRoles = ListUtil.copy(
1875 oldSiteUserGroupRoles);
1876
1877 if (userGroupRoles != null) {
1878 userGroupRoles = checkUserGroupRoles(userId, userGroupRoles);
1879
1880 for (UserGroupRole userGroupRole : userGroupRoles) {
1881 Role role = userGroupRole.getRole();
1882
1883 if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
1884 if (oldOrganizationUserGroupRoles.contains(userGroupRole)) {
1885 removeOrganizationUserGroupRoles.remove(userGroupRole);
1886 }
1887 else {
1888 addOrganizationUserGroupRoles.add(userGroupRole);
1889 }
1890 }
1891 else if (role.getType() == RoleConstants.TYPE_SITE) {
1892 if (oldSiteUserGroupRoles.contains(userGroupRole)) {
1893 removeSiteUserGroupRoles.remove(userGroupRole);
1894 }
1895 else {
1896 addSiteUserGroupRoles.add(userGroupRole);
1897 }
1898 }
1899 }
1900
1901 if (!addOrganizationUserGroupRoles.isEmpty() ||
1902 !removeOrganizationUserGroupRoles.isEmpty()) {
1903
1904 OrganizationMembershipPolicyUtil.checkRoles(
1905 addOrganizationUserGroupRoles,
1906 removeOrganizationUserGroupRoles);
1907 }
1908
1909 if (!addSiteUserGroupRoles.isEmpty() ||
1910 !removeSiteUserGroupRoles.isEmpty()) {
1911
1912 SiteMembershipPolicyUtil.checkRoles(
1913 addSiteUserGroupRoles, removeSiteUserGroupRoles);
1914 }
1915 }
1916
1917
1918
1919 long[] oldUserGroupIds = user.getUserGroupIds();
1920
1921 List<Long> addUserGroupIds = new ArrayList<Long>();
1922 List<Long> removeUserGroupIds = ListUtil.toList(oldUserGroupIds);
1923
1924 if (userGroupIds != null) {
1925 userGroupIds = checkUserGroupIds(userId, userGroupIds);
1926
1927 for (long userGroupId : userGroupIds) {
1928 if (ArrayUtil.contains(oldUserGroupIds, userGroupId)) {
1929 removeUserGroupIds.remove(userGroupId);
1930 }
1931 else {
1932 addUserGroupIds.add(userGroupId);
1933 }
1934 }
1935
1936 if (!addUserGroupIds.isEmpty() || !removeUserGroupIds.isEmpty()) {
1937 UserGroupMembershipPolicyUtil.checkMembership(
1938 new long[] {userId}, ArrayUtil.toLongArray(addUserGroupIds),
1939 ArrayUtil.toLongArray(removeUserGroupIds));
1940 }
1941 }
1942
1943 user = userLocalService.updateUser(
1944 userId, oldPassword, newPassword1, newPassword2, passwordReset,
1945 reminderQueryQuestion, reminderQueryAnswer, screenName,
1946 emailAddress, facebookId, openId, languageId, timeZoneId, greeting,
1947 comments, firstName, middleName, lastName, prefixId, suffixId, male,
1948 birthdayMonth, birthdayDay, birthdayYear, smsSn, aimSn, facebookSn,
1949 icqSn, jabberSn, msnSn, mySpaceSn, skypeSn, twitterSn, ymSn,
1950 jobTitle, groupIds, organizationIds, roleIds, userGroupRoles,
1951 userGroupIds, serviceContext);
1952
1953 if (!addGroupIds.isEmpty() || !removeGroupIds.isEmpty()) {
1954 SiteMembershipPolicyUtil.propagateMembership(
1955 new long[] {user.getUserId()},
1956 ArrayUtil.toLongArray(addGroupIds),
1957 ArrayUtil.toLongArray(removeGroupIds));
1958 }
1959
1960 if (!addOrganizationIds.isEmpty() || !removeOrganizationIds.isEmpty()) {
1961 OrganizationMembershipPolicyUtil.propagateMembership(
1962 new long[] {user.getUserId()},
1963 ArrayUtil.toLongArray(addOrganizationIds),
1964 ArrayUtil.toLongArray(removeOrganizationIds));
1965 }
1966
1967 if (!addRoleIds.isEmpty() || !removeRoleIds.isEmpty()) {
1968 RoleMembershipPolicyUtil.propagateRoles(
1969 new long[] {user.getUserId()},
1970 ArrayUtil.toLongArray(addRoleIds),
1971 ArrayUtil.toLongArray(removeRoleIds));
1972 }
1973
1974 if (!addSiteUserGroupRoles.isEmpty() ||
1975 !removeSiteUserGroupRoles.isEmpty()) {
1976
1977 SiteMembershipPolicyUtil.propagateRoles(
1978 addSiteUserGroupRoles, removeSiteUserGroupRoles);
1979 }
1980
1981 if (!addOrganizationUserGroupRoles.isEmpty() ||
1982 !removeOrganizationUserGroupRoles.isEmpty()) {
1983
1984 OrganizationMembershipPolicyUtil.propagateRoles(
1985 addOrganizationUserGroupRoles,
1986 removeOrganizationUserGroupRoles);
1987 }
1988
1989 if (!addUserGroupIds.isEmpty() || !removeGroupIds.isEmpty()) {
1990 UserGroupMembershipPolicyUtil.propagateMembership(
1991 new long[] {user.getUserId()},
1992 ArrayUtil.toLongArray(addUserGroupIds),
1993 ArrayUtil.toLongArray(removeUserGroupIds));
1994 }
1995
1996 return user;
1997 }
1998
1999
2057 public User updateUser(
2058 long userId, String oldPassword, String newPassword1,
2059 String newPassword2, boolean passwordReset,
2060 String reminderQueryQuestion, String reminderQueryAnswer,
2061 String screenName, String emailAddress, long facebookId,
2062 String openId, String languageId, String timeZoneId,
2063 String greeting, String comments, String firstName,
2064 String middleName, String lastName, int prefixId, int suffixId,
2065 boolean male, int birthdayMonth, int birthdayDay, int birthdayYear,
2066 String smsSn, String aimSn, String facebookSn, String icqSn,
2067 String jabberSn, String msnSn, String mySpaceSn, String skypeSn,
2068 String twitterSn, String ymSn, String jobTitle, long[] groupIds,
2069 long[] organizationIds, long[] roleIds,
2070 List<UserGroupRole> userGroupRoles, long[] userGroupIds,
2071 ServiceContext serviceContext)
2072 throws PortalException, SystemException {
2073
2074 return updateUser(
2075 userId, oldPassword, newPassword1, newPassword2, passwordReset,
2076 reminderQueryQuestion, reminderQueryAnswer, screenName,
2077 emailAddress, facebookId, openId, languageId, timeZoneId, greeting,
2078 comments, firstName, middleName, lastName, prefixId, suffixId, male,
2079 birthdayMonth, birthdayDay, birthdayYear, smsSn, aimSn, facebookSn,
2080 icqSn, jabberSn, msnSn, mySpaceSn, skypeSn, twitterSn, ymSn,
2081 jobTitle, groupIds, organizationIds, roleIds, userGroupRoles,
2082 userGroupIds, null, null, null, null, null, serviceContext);
2083 }
2084
2085 protected void checkAddUserPermission(
2086 long creatorUserId, long companyId, String emailAddress,
2087 long[] groupIds, long[] organizationIds, long[] roleIds,
2088 long[] userGroupIds, ServiceContext serviceContext)
2089 throws PortalException, SystemException {
2090
2091 Company company = companyPersistence.findByPrimaryKey(companyId);
2092
2093 if (groupIds != null) {
2094 checkGroups(0, groupIds);
2095 }
2096
2097 if (organizationIds != null) {
2098 checkOrganizations(0, organizationIds);
2099 }
2100
2101 if (roleIds != null) {
2102 checkRoles(0, roleIds);
2103 }
2104
2105 if (userGroupIds != null) {
2106 checkUserGroupIds(0, userGroupIds);
2107 }
2108
2109 boolean anonymousUser = ParamUtil.getBoolean(
2110 serviceContext, "anonymousUser");
2111
2112 long defaultUserId = userLocalService.getDefaultUserId(companyId);
2113
2114 if (((creatorUserId != 0) && (creatorUserId != defaultUserId)) ||
2115 (!company.isStrangers() && !anonymousUser)) {
2116
2117 if (!PortalPermissionUtil.contains(
2118 getPermissionChecker(), ActionKeys.ADD_USER) &&
2119 !OrganizationPermissionUtil.contains(
2120 getPermissionChecker(), organizationIds,
2121 ActionKeys.ASSIGN_MEMBERS)) {
2122
2123 throw new PrincipalException();
2124 }
2125 }
2126
2127 if ((creatorUserId == 0) || (creatorUserId == defaultUserId)) {
2128 if (!company.isStrangersWithMx() &&
2129 company.hasCompanyMx(emailAddress)) {
2130
2131 throw new ReservedUserEmailAddressException();
2132 }
2133 }
2134 }
2135
2136 protected long[] checkGroups(long userId, long[] groupIds)
2137 throws PortalException, SystemException {
2138
2139 long[] oldGroupIds = null;
2140
2141 PermissionChecker permissionChecker = getPermissionChecker();
2142
2143 User user = null;
2144
2145 if (userId != CompanyConstants.SYSTEM) {
2146
2147
2148
2149
2150
2151 user = userPersistence.findByPrimaryKey(userId);
2152
2153 List<Group> oldGroups = groupLocalService.getUserGroups(userId);
2154
2155 oldGroupIds = new long[oldGroups.size()];
2156
2157 for (int i = 0; i < oldGroups.size(); i++) {
2158 Group group = oldGroups.get(i);
2159
2160 if (!ArrayUtil.contains(groupIds, group.getGroupId()) &&
2161 (!GroupPermissionUtil.contains(
2162 permissionChecker, group.getGroupId(),
2163 ActionKeys.ASSIGN_MEMBERS) ||
2164 SiteMembershipPolicyUtil.isMembershipProtected(
2165 permissionChecker, user.getUserId(),
2166 group.getGroupId()) ||
2167 SiteMembershipPolicyUtil.isMembershipRequired(
2168 userId, group.getGroupId()))) {
2169
2170 groupIds = ArrayUtil.append(groupIds, group.getGroupId());
2171 }
2172
2173 oldGroupIds[i] = group.getGroupId();
2174 }
2175 }
2176
2177
2178
2179
2180 for (long groupId : groupIds) {
2181 if ((oldGroupIds != null) &&
2182 ArrayUtil.contains(oldGroupIds, groupId)) {
2183
2184 continue;
2185 }
2186
2187 Group group = groupPersistence.findByPrimaryKey(groupId);
2188
2189 GroupPermissionUtil.check(
2190 permissionChecker, group, ActionKeys.ASSIGN_MEMBERS);
2191 }
2192
2193 return groupIds;
2194 }
2195
2196 protected void checkMembership(
2197 long[] userIds, long[] groupIds, long[] organizationIds,
2198 long[] roleIds, long[] userGroupIds)
2199 throws PortalException, SystemException {
2200
2201 if (groupIds != null) {
2202 SiteMembershipPolicyUtil.checkMembership(userIds, groupIds, null);
2203 }
2204
2205 if (organizationIds != null) {
2206 OrganizationMembershipPolicyUtil.checkMembership(
2207 userIds, organizationIds, null);
2208 }
2209
2210 if (roleIds != null) {
2211 RoleMembershipPolicyUtil.checkRoles(userIds, roleIds, null);
2212 }
2213
2214 if (userGroupIds != null) {
2215 UserGroupMembershipPolicyUtil.checkMembership(
2216 userIds, userGroupIds, null);
2217 }
2218 }
2219
2220 protected long[] checkOrganizations(long userId, long[] organizationIds)
2221 throws PortalException, SystemException {
2222
2223 long[] oldOrganizationIds = null;
2224
2225 PermissionChecker permissionChecker = getPermissionChecker();
2226
2227 if (userId != CompanyConstants.SYSTEM) {
2228
2229
2230
2231
2232
2233 List<Organization> oldOrganizations =
2234 organizationLocalService.getUserOrganizations(userId);
2235
2236 oldOrganizationIds = new long[oldOrganizations.size()];
2237
2238 for (int i = 0; i < oldOrganizations.size(); i++) {
2239 Organization organization = oldOrganizations.get(i);
2240
2241 if (!ArrayUtil.contains(
2242 organizationIds, organization.getOrganizationId()) &&
2243 (!OrganizationPermissionUtil.contains(
2244 permissionChecker, organization.getOrganizationId(),
2245 ActionKeys.ASSIGN_MEMBERS) ||
2246 OrganizationMembershipPolicyUtil.isMembershipProtected(
2247 permissionChecker, userId,
2248 organization.getOrganizationId()) ||
2249 OrganizationMembershipPolicyUtil.isMembershipRequired(
2250 userId, organization.getOrganizationId()))) {
2251
2252 organizationIds = ArrayUtil.append(
2253 organizationIds, organization.getOrganizationId());
2254 }
2255
2256 oldOrganizationIds[i] = organization.getOrganizationId();
2257 }
2258 }
2259
2260
2261
2262
2263 for (long organizationId : organizationIds) {
2264 if ((oldOrganizationIds != null) &&
2265 ArrayUtil.contains(oldOrganizationIds, organizationId)) {
2266
2267 continue;
2268 }
2269
2270 Organization organization =
2271 organizationPersistence.findByPrimaryKey(organizationId);
2272
2273 OrganizationPermissionUtil.check(
2274 permissionChecker, organization, ActionKeys.ASSIGN_MEMBERS);
2275 }
2276
2277 return organizationIds;
2278 }
2279
2280 protected long[] checkRoles(long userId, long[] roleIds)
2281 throws PortalException, SystemException {
2282
2283 long[] oldRoleIds = null;
2284
2285 PermissionChecker permissionChecker = getPermissionChecker();
2286
2287 if (userId != CompanyConstants.SYSTEM) {
2288
2289
2290
2291
2292
2293 List<Role> oldRoles = roleLocalService.getUserRoles(userId);
2294
2295 oldRoleIds = new long[oldRoles.size()];
2296
2297 for (int i = 0; i < oldRoles.size(); i++) {
2298 Role role = oldRoles.get(i);
2299
2300 if (!ArrayUtil.contains(roleIds, role.getRoleId()) &&
2301 (!RolePermissionUtil.contains(
2302 permissionChecker, role.getRoleId(),
2303 ActionKeys.ASSIGN_MEMBERS) ||
2304 RoleMembershipPolicyUtil.isRoleRequired(
2305 userId, role.getRoleId()))) {
2306
2307 roleIds = ArrayUtil.append(roleIds, role.getRoleId());
2308 }
2309
2310 oldRoleIds[i] = role.getRoleId();
2311 }
2312 }
2313
2314
2315
2316
2317 for (long roleId : roleIds) {
2318 if ((oldRoleIds != null) &&
2319 ArrayUtil.contains(oldRoleIds, roleId)) {
2320
2321 continue;
2322 }
2323
2324 RolePermissionUtil.check(
2325 permissionChecker, roleId, ActionKeys.ASSIGN_MEMBERS);
2326 }
2327
2328 return UsersAdminUtil.addRequiredRoles(userId, roleIds);
2329 }
2330
2331 protected long[] checkUserGroupIds(long userId, long[] userGroupIds)
2332 throws PortalException, SystemException {
2333
2334 long[] oldUserGroupIds = null;
2335
2336 PermissionChecker permissionChecker = getPermissionChecker();
2337
2338 if (userId != CompanyConstants.SYSTEM) {
2339
2340
2341
2342
2343 List<UserGroup> oldUserGroups =
2344 userGroupLocalService.getUserUserGroups(userId);
2345
2346 oldUserGroupIds = new long[oldUserGroups.size()];
2347
2348 for (int i = 0; i < oldUserGroups.size(); i++) {
2349 UserGroup userGroup = oldUserGroups.get(i);
2350
2351 if (!ArrayUtil.contains(
2352 userGroupIds, userGroup.getUserGroupId()) &&
2353 (!UserGroupPermissionUtil.contains(
2354 permissionChecker, userGroup.getUserGroupId(),
2355 ActionKeys.ASSIGN_MEMBERS) ||
2356 UserGroupMembershipPolicyUtil.isMembershipRequired(
2357 userId, userGroup.getUserGroupId()))) {
2358
2359 userGroupIds = ArrayUtil.append(
2360 userGroupIds, userGroup.getUserGroupId());
2361 }
2362
2363 oldUserGroupIds[i] = userGroup.getUserGroupId();
2364 }
2365 }
2366
2367
2368
2369
2370 for (long userGroupId : userGroupIds) {
2371 if ((oldUserGroupIds == null) ||
2372 !ArrayUtil.contains(oldUserGroupIds, userGroupId)) {
2373
2374 UserGroupPermissionUtil.check(
2375 permissionChecker, userGroupId, ActionKeys.ASSIGN_MEMBERS);
2376 }
2377 }
2378
2379 return userGroupIds;
2380 }
2381
2382 protected List<UserGroupRole> checkUserGroupRoles(
2383 long userId, List<UserGroupRole> userGroupRoles)
2384 throws PortalException, SystemException {
2385
2386 List<UserGroupRole> oldUserGroupRoles = null;
2387
2388 PermissionChecker permissionChecker = getPermissionChecker();
2389
2390 if (userId != CompanyConstants.SYSTEM) {
2391
2392
2393
2394
2395 oldUserGroupRoles = userGroupRoleLocalService.getUserGroupRoles(
2396 userId);
2397
2398 for (UserGroupRole oldUserGroupRole : oldUserGroupRoles) {
2399 Role role = oldUserGroupRole.getRole();
2400 Group group = oldUserGroupRole.getGroup();
2401
2402 if (userGroupRoles.contains(oldUserGroupRole)) {
2403 continue;
2404 }
2405
2406 if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
2407 Organization organization =
2408 organizationPersistence.findByPrimaryKey(
2409 group.getOrganizationId());
2410
2411 if (!UserGroupRolePermissionUtil.contains(
2412 permissionChecker, oldUserGroupRole.getGroupId(),
2413 oldUserGroupRole.getRoleId()) ||
2414 OrganizationMembershipPolicyUtil.isRoleProtected(
2415 getPermissionChecker(), userId,
2416 organization.getOrganizationId(),
2417 role.getRoleId()) ||
2418 OrganizationMembershipPolicyUtil.isRoleRequired(
2419 userId, organization.getOrganizationId(),
2420 role.getRoleId())) {
2421
2422 userGroupRoles.add(oldUserGroupRole);
2423 }
2424 }
2425 else if (role.getType() == RoleConstants.TYPE_SITE) {
2426 if (!userGroupRoles.contains(oldUserGroupRole) &&
2427 (!UserGroupRolePermissionUtil.contains(
2428 permissionChecker, oldUserGroupRole.getGroupId(),
2429 oldUserGroupRole.getRoleId()) ||
2430 SiteMembershipPolicyUtil.isRoleProtected(
2431 getPermissionChecker(), userId, group.getGroupId(),
2432 role.getRoleId()) ||
2433 SiteMembershipPolicyUtil.isRoleRequired(
2434 userId, group.getGroupId(), role.getRoleId()))) {
2435
2436 userGroupRoles.add(oldUserGroupRole);
2437 }
2438 }
2439 }
2440 }
2441
2442
2443
2444
2445 for (UserGroupRole userGroupRole : userGroupRoles) {
2446 if ((oldUserGroupRoles == null) ||
2447 !oldUserGroupRoles.contains(userGroupRole)) {
2448
2449 UserGroupRolePermissionUtil.check(
2450 permissionChecker, userGroupRole.getGroupId(),
2451 userGroupRole.getRoleId());
2452 }
2453 }
2454
2455 return userGroupRoles;
2456 }
2457
2458 protected void propagateMembership(
2459 long[] userIds, long[] groupIds, long[] organizationIds,
2460 long[] roleIds, long[] userGroupIds)
2461 throws PortalException, SystemException {
2462
2463 if (groupIds != null) {
2464 SiteMembershipPolicyUtil.propagateMembership(
2465 userIds, groupIds, null);
2466 }
2467
2468 if (organizationIds != null) {
2469 OrganizationMembershipPolicyUtil.propagateMembership(
2470 userIds, organizationIds, null);
2471 }
2472
2473 if (roleIds != null) {
2474 RoleMembershipPolicyUtil.propagateRoles(userIds, roleIds, null);
2475 }
2476
2477 if (userGroupIds != null) {
2478 UserGroupMembershipPolicyUtil.propagateMembership(
2479 userIds, userGroupIds, null);
2480 }
2481 }
2482
2483 protected void updateAnnouncementsDeliveries(
2484 long userId, List<AnnouncementsDelivery> announcementsDeliveries)
2485 throws PortalException, SystemException {
2486
2487 for (AnnouncementsDelivery announcementsDelivery :
2488 announcementsDeliveries) {
2489
2490 announcementsDeliveryService.updateDelivery(
2491 userId, announcementsDelivery.getType(),
2492 announcementsDelivery.getEmail(),
2493 announcementsDelivery.getSms(),
2494 announcementsDelivery.getWebsite());
2495 }
2496 }
2497
2498 protected void validateEmailAddress(User user, String emailAddress)
2499 throws PortalException, SystemException {
2500
2501 PermissionChecker permissionChecker = getPermissionChecker();
2502
2503 if (!UsersAdminUtil.hasUpdateEmailAddress(permissionChecker, user)) {
2504 throw new UserEmailAddressException();
2505 }
2506
2507 if (!user.hasCompanyMx() && user.hasCompanyMx(emailAddress)) {
2508 Company company = companyPersistence.findByPrimaryKey(
2509 user.getCompanyId());
2510
2511 if (!company.isStrangersWithMx()) {
2512 throw new ReservedUserEmailAddressException();
2513 }
2514 }
2515 }
2516
2517 protected void validateOrganizationUsers(long[] userIds)
2518 throws PortalException, SystemException {
2519
2520 PermissionChecker permissionChecker = getPermissionChecker();
2521
2522 if (!PropsValues.ORGANIZATIONS_ASSIGNMENT_STRICT ||
2523 permissionChecker.isCompanyAdmin()) {
2524
2525 return;
2526 }
2527
2528 for (long userId : userIds) {
2529 boolean allowed = false;
2530
2531 List<Organization> organizations =
2532 organizationLocalService.getUserOrganizations(userId);
2533
2534 for (Organization organization : organizations) {
2535 if (OrganizationPermissionUtil.contains(
2536 permissionChecker, organization,
2537 ActionKeys.MANAGE_USERS)) {
2538
2539 allowed = true;
2540
2541 break;
2542 }
2543 }
2544
2545 if (!allowed) {
2546 throw new PrincipalException();
2547 }
2548 }
2549 }
2550
2551 protected void validateScreenName(User user, String screenName)
2552 throws PortalException, SystemException {
2553
2554 PermissionChecker permissionChecker = getPermissionChecker();
2555
2556 if (!UsersAdminUtil.hasUpdateScreenName(permissionChecker, user)) {
2557 throw new UserScreenNameException();
2558 }
2559 }
2560
2561 }