001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.DuplicatePasswordPolicyException;
018    import com.liferay.portal.PasswordPolicyNameException;
019    import com.liferay.portal.RequiredPasswordPolicyException;
020    import com.liferay.portal.kernel.cache.ThreadLocalCachable;
021    import com.liferay.portal.kernel.exception.PortalException;
022    import com.liferay.portal.kernel.exception.SystemException;
023    import com.liferay.portal.kernel.util.CharPool;
024    import com.liferay.portal.kernel.util.OrderByComparator;
025    import com.liferay.portal.kernel.util.Validator;
026    import com.liferay.portal.model.Organization;
027    import com.liferay.portal.model.PasswordPolicy;
028    import com.liferay.portal.model.PasswordPolicyRel;
029    import com.liferay.portal.model.ResourceConstants;
030    import com.liferay.portal.model.User;
031    import com.liferay.portal.security.ldap.LDAPSettingsUtil;
032    import com.liferay.portal.service.ServiceContext;
033    import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
034    import com.liferay.portal.util.PropsValues;
035    
036    import java.util.Date;
037    import java.util.List;
038    
039    /**
040     * @author Scott Lee
041     */
042    public class PasswordPolicyLocalServiceImpl
043            extends PasswordPolicyLocalServiceBaseImpl {
044    
045            /**
046             * @deprecated As of 6.2.0, replaced by {@link #addPasswordPolicy(long,
047             *             boolean, String, String, boolean, boolean, long, boolean,
048             *             boolean, int, int, int, int, int, int, String, boolean, int,
049             *             boolean, long, long, int, boolean, int, long, long, long,
050             *             ServiceContext)}
051             */
052            public PasswordPolicy addPasswordPolicy(
053                            long userId, boolean defaultPolicy, String name, String description,
054                            boolean changeable, boolean changeRequired, long minAge,
055                            boolean checkSyntax, boolean allowDictionaryWords,
056                            int minAlphanumeric, int minLength, int minLowerCase,
057                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
058                            int historyCount, boolean expireable, long maxAge, long warningTime,
059                            int graceLimit, boolean lockout, int maxFailure,
060                            long lockoutDuration, long resetFailureCount,
061                            long resetTicketMaxAge)
062                    throws PortalException, SystemException {
063    
064                    return addPasswordPolicy(
065                            userId, defaultPolicy, name, description, changeable,
066                            changeRequired, minAge, checkSyntax, allowDictionaryWords,
067                            minAlphanumeric, minLength, minLowerCase, minNumbers, minSymbols,
068                            minUpperCase, null, history, historyCount, expireable, maxAge,
069                            warningTime, graceLimit, lockout, maxFailure, lockoutDuration,
070                            resetFailureCount, resetTicketMaxAge, new ServiceContext());
071            }
072    
073            public PasswordPolicy addPasswordPolicy(
074                            long userId, boolean defaultPolicy, String name, String description,
075                            boolean changeable, boolean changeRequired, long minAge,
076                            boolean checkSyntax, boolean allowDictionaryWords,
077                            int minAlphanumeric, int minLength, int minLowerCase,
078                            int minNumbers, int minSymbols, int minUpperCase, String regex,
079                            boolean history, int historyCount, boolean expireable, long maxAge,
080                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
081                            long lockoutDuration, long resetFailureCount,
082                            long resetTicketMaxAge, ServiceContext serviceContext)
083                    throws PortalException, SystemException {
084    
085                    // Password policy
086    
087                    User user = userPersistence.findByPrimaryKey(userId);
088                    Date now = new Date();
089    
090                    validate(0, user.getCompanyId(), name);
091    
092                    long passwordPolicyId = counterLocalService.increment();
093    
094                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
095                            passwordPolicyId);
096    
097                    passwordPolicy.setUuid(serviceContext.getUuid());
098    
099                    passwordPolicy.setCompanyId(user.getCompanyId());
100                    passwordPolicy.setUserId(userId);
101                    passwordPolicy.setUserName(user.getFullName());
102                    passwordPolicy.setCreateDate(serviceContext.getCreateDate(now));
103                    passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
104                    passwordPolicy.setDefaultPolicy(defaultPolicy);
105                    passwordPolicy.setName(name);
106                    passwordPolicy.setDescription(description);
107                    passwordPolicy.setChangeable(changeable);
108                    passwordPolicy.setChangeRequired(changeRequired);
109                    passwordPolicy.setMinAge(minAge);
110                    passwordPolicy.setCheckSyntax(checkSyntax);
111                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
112                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
113                    passwordPolicy.setMinLength(minLength);
114                    passwordPolicy.setMinLowerCase(minLowerCase);
115                    passwordPolicy.setMinNumbers(minNumbers);
116                    passwordPolicy.setMinSymbols(minSymbols);
117                    passwordPolicy.setMinUpperCase(minUpperCase);
118                    passwordPolicy.setRegex(regex);
119                    passwordPolicy.setHistory(history);
120                    passwordPolicy.setHistoryCount(historyCount);
121                    passwordPolicy.setExpireable(expireable);
122                    passwordPolicy.setMaxAge(maxAge);
123                    passwordPolicy.setWarningTime(warningTime);
124                    passwordPolicy.setGraceLimit(graceLimit);
125                    passwordPolicy.setLockout(lockout);
126                    passwordPolicy.setMaxFailure(maxFailure);
127                    passwordPolicy.setLockoutDuration(lockoutDuration);
128                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
129                    passwordPolicy.setResetFailureCount(resetFailureCount);
130                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
131                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
132    
133                    passwordPolicyPersistence.update(passwordPolicy);
134    
135                    // Resources
136    
137                    if (!user.isDefaultUser()) {
138                            resourceLocalService.addResources(
139                                    user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
140                                    passwordPolicy.getPasswordPolicyId(), false, false, false);
141                    }
142    
143                    return passwordPolicy;
144            }
145    
146            public void checkDefaultPasswordPolicy(long companyId)
147                    throws PortalException, SystemException {
148    
149                    String defaultPasswordPolicyName =
150                            PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
151    
152                    PasswordPolicy defaultPasswordPolicy =
153                            passwordPolicyPersistence.fetchByC_N(
154                                    companyId, defaultPasswordPolicyName);
155    
156                    if (defaultPasswordPolicy == null) {
157                            long defaultUserId = userLocalService.getDefaultUserId(companyId);
158    
159                            addPasswordPolicy(
160                                    defaultUserId, true, defaultPasswordPolicyName,
161                                    defaultPasswordPolicyName,
162                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
163                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
164                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
165                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
166                                    PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
167                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
168                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
169                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
170                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
171                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
172                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
173                                    PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
174                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
175                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
176                                    PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
177                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
178                                    PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
179                                    PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
180                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
181                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
182                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
183                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
184                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE,
185                                    new ServiceContext());
186                    }
187            }
188    
189            @Override
190            public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
191                    throws PortalException, SystemException {
192    
193                    PasswordPolicy passwordPolicy =
194                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
195    
196                    return deletePasswordPolicy(passwordPolicy);
197            }
198    
199            @Override
200            public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
201                    throws PortalException, SystemException {
202    
203                    if (passwordPolicy.isDefaultPolicy()) {
204                            throw new RequiredPasswordPolicyException();
205                    }
206    
207                    // Password policy relations
208    
209                    passwordPolicyRelLocalService.deletePasswordPolicyRels(
210                            passwordPolicy.getPasswordPolicyId());
211    
212                    // Resources
213    
214                    resourceLocalService.deleteResource(
215                            passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
216                            ResourceConstants.SCOPE_INDIVIDUAL,
217                            passwordPolicy.getPasswordPolicyId());
218    
219                    // Password policy
220    
221                    return passwordPolicyPersistence.remove(passwordPolicy);
222            }
223    
224            public PasswordPolicy fetchPasswordPolicy(long companyId, String name)
225                    throws SystemException {
226    
227                    return passwordPolicyPersistence.fetchByC_N(companyId, name);
228            }
229    
230            public PasswordPolicy fetchPasswordPolicyByUuidAndCompanyId(
231                            String uuid, long companyId)
232                    throws SystemException {
233    
234                    return passwordPolicyPersistence.fetchByUuid_C_First(
235                            uuid, companyId, null);
236            }
237    
238            public PasswordPolicy getDefaultPasswordPolicy(long companyId)
239                    throws PortalException, SystemException {
240    
241                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
242                            return null;
243                    }
244    
245                    return passwordPolicyPersistence.findByC_DP(companyId, true);
246            }
247    
248            /**
249             * @deprecated As of 6.1.0
250             */
251            public PasswordPolicy getPasswordPolicy(
252                            long companyId, long organizationId, long locationId)
253                    throws PortalException, SystemException {
254    
255                    return getPasswordPolicy(
256                            companyId, new long[] {organizationId, locationId});
257            }
258    
259            public PasswordPolicy getPasswordPolicy(
260                            long companyId, long[] organizationIds)
261                    throws PortalException, SystemException {
262    
263                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
264                            return null;
265                    }
266    
267                    if ((organizationIds == null) || (organizationIds.length == 0)) {
268                            return getDefaultPasswordPolicy(companyId);
269                    }
270    
271                    long classNameId = classNameLocalService.getClassNameId(
272                            Organization.class.getName());
273    
274                    PasswordPolicyRel passwordPolicyRel = null;
275    
276                    for (int i = 0; i < organizationIds.length; i++) {
277                            long organizationId = organizationIds[i];
278    
279                            passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
280                                    classNameId, organizationId);
281    
282                            if (passwordPolicyRel != null) {
283                                    return passwordPolicyPersistence.findByPrimaryKey(
284                                            passwordPolicyRel.getPasswordPolicyId());
285                            }
286                    }
287    
288                    return getDefaultPasswordPolicy(companyId);
289            }
290    
291            @ThreadLocalCachable
292            public PasswordPolicy getPasswordPolicyByUserId(long userId)
293                    throws PortalException, SystemException {
294    
295                    User user = userPersistence.findByPrimaryKey(userId);
296    
297                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
298                            return null;
299                    }
300    
301                    long classNameId = classNameLocalService.getClassNameId(
302                            User.class.getName());
303    
304                    PasswordPolicyRel passwordPolicyRel =
305                            passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
306    
307                    if (passwordPolicyRel != null) {
308                            return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
309                    }
310                    else {
311                            List<Organization> organizations = userPersistence.getOrganizations(
312                                    userId);
313    
314                            if (organizations.isEmpty()) {
315                                    return passwordPolicyPersistence.findByC_DP(
316                                            user.getCompanyId(), true);
317                            }
318    
319                            long[] organizationIds = new long[organizations.size()];
320    
321                            for (int i = 0; i < organizationIds.length; i++) {
322                                    Organization organization = organizations.get(i);
323    
324                                    organizationIds[i] = organization.getOrganizationId();
325                            }
326    
327                            return getPasswordPolicy(user.getCompanyId(), organizationIds);
328                    }
329            }
330    
331            public List<PasswordPolicy> search(
332                            long companyId, String name, int start, int end,
333                            OrderByComparator obc)
334                    throws SystemException {
335    
336                    return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
337            }
338    
339            public int searchCount(long companyId, String name) throws SystemException {
340                    return passwordPolicyFinder.countByC_N(companyId, name);
341            }
342    
343            /**
344             * @deprecated As of 6.2.0, replaced by {@link #updatePasswordPolicy(long,
345             *             String, String, boolean, boolean, long, boolean, boolean,
346             *             int, int, int, int, int, int, String, boolean, int, boolean,
347             *             long, long, int, boolean, int, long, long, long,
348             *             ServiceContext)}
349             */
350            public PasswordPolicy updatePasswordPolicy(
351                            long passwordPolicyId, String name, String description,
352                            boolean changeable, boolean changeRequired, long minAge,
353                            boolean checkSyntax, boolean allowDictionaryWords,
354                            int minAlphanumeric, int minLength, int minLowerCase,
355                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
356                            int historyCount, boolean expireable, long maxAge, long warningTime,
357                            int graceLimit, boolean lockout, int maxFailure,
358                            long lockoutDuration, long resetFailureCount,
359                            long resetTicketMaxAge)
360                    throws PortalException, SystemException {
361    
362                    return updatePasswordPolicy(
363                            passwordPolicyId, name, description, changeable, changeRequired,
364                            minAge, checkSyntax, allowDictionaryWords, minAlphanumeric,
365                            minLength, minLowerCase, minNumbers, minSymbols, minUpperCase, null,
366                            history, historyCount, expireable, maxAge, warningTime, graceLimit,
367                            lockout, maxFailure, lockoutDuration, resetFailureCount,
368                            resetTicketMaxAge, new ServiceContext());
369            }
370    
371            public PasswordPolicy updatePasswordPolicy(
372                            long passwordPolicyId, String name, String description,
373                            boolean changeable, boolean changeRequired, long minAge,
374                            boolean checkSyntax, boolean allowDictionaryWords,
375                            int minAlphanumeric, int minLength, int minLowerCase,
376                            int minNumbers, int minSymbols, int minUpperCase, String regex,
377                            boolean history, int historyCount, boolean expireable, long maxAge,
378                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
379                            long lockoutDuration, long resetFailureCount,
380                            long resetTicketMaxAge, ServiceContext serviceContext)
381                    throws PortalException, SystemException {
382    
383                    Date now = new Date();
384    
385                    PasswordPolicy passwordPolicy =
386                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
387    
388                    if (!passwordPolicy.getDefaultPolicy()) {
389                            validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
390    
391                            passwordPolicy.setName(name);
392                    }
393    
394                    passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
395                    passwordPolicy.setDescription(description);
396                    passwordPolicy.setChangeable(changeable);
397                    passwordPolicy.setChangeRequired(changeRequired);
398                    passwordPolicy.setMinAge(minAge);
399                    passwordPolicy.setCheckSyntax(checkSyntax);
400                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
401                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
402                    passwordPolicy.setMinLength(minLength);
403                    passwordPolicy.setMinLowerCase(minLowerCase);
404                    passwordPolicy.setMinNumbers(minNumbers);
405                    passwordPolicy.setMinSymbols(minSymbols);
406                    passwordPolicy.setMinUpperCase(minUpperCase);
407                    passwordPolicy.setRegex(regex);
408                    passwordPolicy.setHistory(history);
409                    passwordPolicy.setHistoryCount(historyCount);
410                    passwordPolicy.setExpireable(expireable);
411                    passwordPolicy.setMaxAge(maxAge);
412                    passwordPolicy.setWarningTime(warningTime);
413                    passwordPolicy.setGraceLimit(graceLimit);
414                    passwordPolicy.setLockout(lockout);
415                    passwordPolicy.setMaxFailure(maxFailure);
416                    passwordPolicy.setLockoutDuration(lockoutDuration);
417                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
418                    passwordPolicy.setResetFailureCount(resetFailureCount);
419                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
420                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
421    
422                    passwordPolicyPersistence.update(passwordPolicy);
423    
424                    return passwordPolicy;
425            }
426    
427            protected void validate(long passwordPolicyId, long companyId, String name)
428                    throws PortalException, SystemException {
429    
430                    if (Validator.isNull(name) || Validator.isNumber(name) ||
431                            (name.indexOf(CharPool.COMMA) != -1) ||
432                            (name.indexOf(CharPool.STAR) != -1)) {
433    
434                            throw new PasswordPolicyNameException();
435                    }
436    
437                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
438                            companyId, name);
439    
440                    if (passwordPolicy != null) {
441                            if ((passwordPolicyId <= 0) ||
442                                    (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
443    
444                                    throw new DuplicatePasswordPolicyException();
445                            }
446                    }
447            }
448    
449    }