001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.DuplicatePasswordPolicyException;
018    import com.liferay.portal.PasswordPolicyNameException;
019    import com.liferay.portal.RequiredPasswordPolicyException;
020    import com.liferay.portal.kernel.cache.ThreadLocalCachable;
021    import com.liferay.portal.kernel.exception.PortalException;
022    import com.liferay.portal.kernel.exception.SystemException;
023    import com.liferay.portal.kernel.systemevent.SystemEvent;
024    import com.liferay.portal.kernel.util.ArrayUtil;
025    import com.liferay.portal.kernel.util.CharPool;
026    import com.liferay.portal.kernel.util.OrderByComparator;
027    import com.liferay.portal.kernel.util.Validator;
028    import com.liferay.portal.model.Organization;
029    import com.liferay.portal.model.PasswordPolicy;
030    import com.liferay.portal.model.PasswordPolicyRel;
031    import com.liferay.portal.model.ResourceConstants;
032    import com.liferay.portal.model.SystemEventConstants;
033    import com.liferay.portal.model.User;
034    import com.liferay.portal.security.auth.CompanyThreadLocal;
035    import com.liferay.portal.security.ldap.LDAPSettingsUtil;
036    import com.liferay.portal.service.ServiceContext;
037    import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
038    import com.liferay.portal.util.PropsValues;
039    
040    import java.util.Date;
041    import java.util.List;
042    
043    /**
044     * @author Scott Lee
045     */
046    public class PasswordPolicyLocalServiceImpl
047            extends PasswordPolicyLocalServiceBaseImpl {
048    
049            /**
050             * @deprecated As of 6.2.0, replaced by {@link #addPasswordPolicy(long,
051             *             boolean, String, String, boolean, boolean, long, boolean,
052             *             boolean, int, int, int, int, int, int, String, boolean, int,
053             *             boolean, long, long, int, boolean, int, long, long, long,
054             *             ServiceContext)}
055             */
056            @Override
057            public PasswordPolicy addPasswordPolicy(
058                            long userId, boolean defaultPolicy, String name, String description,
059                            boolean changeable, boolean changeRequired, long minAge,
060                            boolean checkSyntax, boolean allowDictionaryWords,
061                            int minAlphanumeric, int minLength, int minLowerCase,
062                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
063                            int historyCount, boolean expireable, long maxAge, long warningTime,
064                            int graceLimit, boolean lockout, int maxFailure,
065                            long lockoutDuration, long resetFailureCount,
066                            long resetTicketMaxAge)
067                    throws PortalException, SystemException {
068    
069                    return addPasswordPolicy(
070                            userId, defaultPolicy, name, description, changeable,
071                            changeRequired, minAge, checkSyntax, allowDictionaryWords,
072                            minAlphanumeric, minLength, minLowerCase, minNumbers, minSymbols,
073                            minUpperCase, null, history, historyCount, expireable, maxAge,
074                            warningTime, graceLimit, lockout, maxFailure, lockoutDuration,
075                            resetFailureCount, resetTicketMaxAge, new ServiceContext());
076            }
077    
078            @Override
079            public PasswordPolicy addPasswordPolicy(
080                            long userId, boolean defaultPolicy, String name, String description,
081                            boolean changeable, boolean changeRequired, long minAge,
082                            boolean checkSyntax, boolean allowDictionaryWords,
083                            int minAlphanumeric, int minLength, int minLowerCase,
084                            int minNumbers, int minSymbols, int minUpperCase, String regex,
085                            boolean history, int historyCount, boolean expireable, long maxAge,
086                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
087                            long lockoutDuration, long resetFailureCount,
088                            long resetTicketMaxAge, ServiceContext serviceContext)
089                    throws PortalException, SystemException {
090    
091                    // Password policy
092    
093                    User user = userPersistence.findByPrimaryKey(userId);
094                    Date now = new Date();
095    
096                    validate(0, user.getCompanyId(), name);
097    
098                    long passwordPolicyId = counterLocalService.increment();
099    
100                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
101                            passwordPolicyId);
102    
103                    passwordPolicy.setUuid(serviceContext.getUuid());
104                    passwordPolicy.setCompanyId(user.getCompanyId());
105                    passwordPolicy.setUserId(userId);
106                    passwordPolicy.setUserName(user.getFullName());
107                    passwordPolicy.setCreateDate(serviceContext.getCreateDate(now));
108                    passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
109                    passwordPolicy.setDefaultPolicy(defaultPolicy);
110                    passwordPolicy.setName(name);
111                    passwordPolicy.setDescription(description);
112                    passwordPolicy.setChangeable(changeable);
113                    passwordPolicy.setChangeRequired(changeRequired);
114                    passwordPolicy.setMinAge(minAge);
115                    passwordPolicy.setCheckSyntax(checkSyntax);
116                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
117                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
118                    passwordPolicy.setMinLength(minLength);
119                    passwordPolicy.setMinLowerCase(minLowerCase);
120                    passwordPolicy.setMinNumbers(minNumbers);
121                    passwordPolicy.setMinSymbols(minSymbols);
122                    passwordPolicy.setMinUpperCase(minUpperCase);
123                    passwordPolicy.setRegex(regex);
124                    passwordPolicy.setHistory(history);
125                    passwordPolicy.setHistoryCount(historyCount);
126                    passwordPolicy.setExpireable(expireable);
127                    passwordPolicy.setMaxAge(maxAge);
128                    passwordPolicy.setWarningTime(warningTime);
129                    passwordPolicy.setGraceLimit(graceLimit);
130                    passwordPolicy.setLockout(lockout);
131                    passwordPolicy.setMaxFailure(maxFailure);
132                    passwordPolicy.setLockoutDuration(lockoutDuration);
133                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
134                    passwordPolicy.setResetFailureCount(resetFailureCount);
135                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
136                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
137    
138                    passwordPolicyPersistence.update(passwordPolicy);
139    
140                    // Resources
141    
142                    if (!user.isDefaultUser()) {
143                            resourceLocalService.addResources(
144                                    user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
145                                    passwordPolicy.getPasswordPolicyId(), false, false, false);
146                    }
147    
148                    return passwordPolicy;
149            }
150    
151            @Override
152            public void checkDefaultPasswordPolicy(long companyId)
153                    throws PortalException, SystemException {
154    
155                    String defaultPasswordPolicyName =
156                            PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
157    
158                    PasswordPolicy defaultPasswordPolicy =
159                            passwordPolicyPersistence.fetchByC_N(
160                                    companyId, defaultPasswordPolicyName);
161    
162                    if (defaultPasswordPolicy == null) {
163                            long defaultUserId = userLocalService.getDefaultUserId(companyId);
164    
165                            addPasswordPolicy(
166                                    defaultUserId, true, defaultPasswordPolicyName,
167                                    defaultPasswordPolicyName,
168                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
169                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
170                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
171                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
172                                    PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
173                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
174                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
175                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
176                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
177                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
178                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
179                                    PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
180                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
181                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
182                                    PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
183                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
184                                    PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
185                                    PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
186                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
187                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
188                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
189                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
190                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE,
191                                    new ServiceContext());
192                    }
193            }
194    
195            @Override
196            public void deleteNondefaultPasswordPolicies(long companyId)
197                    throws PortalException, SystemException {
198    
199                    List<PasswordPolicy> passwordPolicies =
200                            passwordPolicyPersistence.findByCompanyId(companyId);
201    
202                    for (PasswordPolicy passwordPolicy : passwordPolicies) {
203                            if (!passwordPolicy.isDefaultPolicy()) {
204                                    passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
205                            }
206                    }
207            }
208    
209            @Override
210            public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
211                    throws PortalException, SystemException {
212    
213                    PasswordPolicy passwordPolicy =
214                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
215    
216                    return passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
217            }
218    
219            @Override
220            @SystemEvent(
221                    action = SystemEventConstants.ACTION_SKIP,
222                    type = SystemEventConstants.TYPE_DELETE)
223            public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
224                    throws PortalException, SystemException {
225    
226                    if (passwordPolicy.isDefaultPolicy() &&
227                            !CompanyThreadLocal.isDeleteInProcess()) {
228    
229                            throw new RequiredPasswordPolicyException();
230                    }
231    
232                    // Password policy relations
233    
234                    passwordPolicyRelLocalService.deletePasswordPolicyRels(
235                            passwordPolicy.getPasswordPolicyId());
236    
237                    // Resources
238    
239                    resourceLocalService.deleteResource(
240                            passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
241                            ResourceConstants.SCOPE_INDIVIDUAL,
242                            passwordPolicy.getPasswordPolicyId());
243    
244                    // Password policy
245    
246                    return passwordPolicyPersistence.remove(passwordPolicy);
247            }
248    
249            @Override
250            public PasswordPolicy fetchPasswordPolicy(long companyId, String name)
251                    throws SystemException {
252    
253                    return passwordPolicyPersistence.fetchByC_N(companyId, name);
254            }
255    
256            @Override
257            public PasswordPolicy getDefaultPasswordPolicy(long companyId)
258                    throws PortalException, SystemException {
259    
260                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
261                            return null;
262                    }
263    
264                    return passwordPolicyPersistence.findByC_DP(companyId, true);
265            }
266    
267            /**
268             * @deprecated As of 6.1.0
269             */
270            @Override
271            public PasswordPolicy getPasswordPolicy(
272                            long companyId, long organizationId, long locationId)
273                    throws PortalException, SystemException {
274    
275                    return getPasswordPolicy(
276                            companyId, new long[] {organizationId, locationId});
277            }
278    
279            @Override
280            public PasswordPolicy getPasswordPolicy(
281                            long companyId, long[] organizationIds)
282                    throws PortalException, SystemException {
283    
284                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
285                            return null;
286                    }
287    
288                    if (ArrayUtil.isEmpty(organizationIds)) {
289                            return getDefaultPasswordPolicy(companyId);
290                    }
291    
292                    long classNameId = classNameLocalService.getClassNameId(
293                            Organization.class.getName());
294    
295                    PasswordPolicyRel passwordPolicyRel = null;
296    
297                    for (int i = 0; i < organizationIds.length; i++) {
298                            long organizationId = organizationIds[i];
299    
300                            passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
301                                    classNameId, organizationId);
302    
303                            if (passwordPolicyRel != null) {
304                                    return passwordPolicyPersistence.findByPrimaryKey(
305                                            passwordPolicyRel.getPasswordPolicyId());
306                            }
307                    }
308    
309                    return getDefaultPasswordPolicy(companyId);
310            }
311    
312            @Override
313            @ThreadLocalCachable
314            public PasswordPolicy getPasswordPolicyByUserId(long userId)
315                    throws PortalException, SystemException {
316    
317                    User user = userPersistence.findByPrimaryKey(userId);
318    
319                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
320                            return null;
321                    }
322    
323                    long classNameId = classNameLocalService.getClassNameId(
324                            User.class.getName());
325    
326                    PasswordPolicyRel passwordPolicyRel =
327                            passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
328    
329                    if (passwordPolicyRel != null) {
330                            return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
331                    }
332    
333                    List<Organization> organizations = userPersistence.getOrganizations(
334                            userId);
335    
336                    if (organizations.isEmpty()) {
337                            return passwordPolicyPersistence.findByC_DP(
338                                    user.getCompanyId(), true);
339                    }
340    
341                    long[] organizationIds = new long[organizations.size()];
342    
343                    for (int i = 0; i < organizationIds.length; i++) {
344                            Organization organization = organizations.get(i);
345    
346                            organizationIds[i] = organization.getOrganizationId();
347                    }
348    
349                    return getPasswordPolicy(user.getCompanyId(), organizationIds);
350            }
351    
352            @Override
353            public List<PasswordPolicy> search(
354                            long companyId, String name, int start, int end,
355                            OrderByComparator obc)
356                    throws SystemException {
357    
358                    return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
359            }
360    
361            @Override
362            public int searchCount(long companyId, String name) throws SystemException {
363                    return passwordPolicyFinder.countByC_N(companyId, name);
364            }
365    
366            /**
367             * @deprecated As of 6.2.0, replaced by {@link #updatePasswordPolicy(long,
368             *             String, String, boolean, boolean, long, boolean, boolean,
369             *             int, int, int, int, int, int, String, boolean, int, boolean,
370             *             long, long, int, boolean, int, long, long, long,
371             *             ServiceContext)}
372             */
373            @Override
374            public PasswordPolicy updatePasswordPolicy(
375                            long passwordPolicyId, String name, String description,
376                            boolean changeable, boolean changeRequired, long minAge,
377                            boolean checkSyntax, boolean allowDictionaryWords,
378                            int minAlphanumeric, int minLength, int minLowerCase,
379                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
380                            int historyCount, boolean expireable, long maxAge, long warningTime,
381                            int graceLimit, boolean lockout, int maxFailure,
382                            long lockoutDuration, long resetFailureCount,
383                            long resetTicketMaxAge)
384                    throws PortalException, SystemException {
385    
386                    return updatePasswordPolicy(
387                            passwordPolicyId, name, description, changeable, changeRequired,
388                            minAge, checkSyntax, allowDictionaryWords, minAlphanumeric,
389                            minLength, minLowerCase, minNumbers, minSymbols, minUpperCase, null,
390                            history, historyCount, expireable, maxAge, warningTime, graceLimit,
391                            lockout, maxFailure, lockoutDuration, resetFailureCount,
392                            resetTicketMaxAge, new ServiceContext());
393            }
394    
395            @Override
396            public PasswordPolicy updatePasswordPolicy(
397                            long passwordPolicyId, String name, String description,
398                            boolean changeable, boolean changeRequired, long minAge,
399                            boolean checkSyntax, boolean allowDictionaryWords,
400                            int minAlphanumeric, int minLength, int minLowerCase,
401                            int minNumbers, int minSymbols, int minUpperCase, String regex,
402                            boolean history, int historyCount, boolean expireable, long maxAge,
403                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
404                            long lockoutDuration, long resetFailureCount,
405                            long resetTicketMaxAge, ServiceContext serviceContext)
406                    throws PortalException, SystemException {
407    
408                    Date now = new Date();
409    
410                    PasswordPolicy passwordPolicy =
411                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
412    
413                    if (!passwordPolicy.getDefaultPolicy()) {
414                            validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
415    
416                            passwordPolicy.setName(name);
417                    }
418    
419                    passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
420                    passwordPolicy.setDescription(description);
421                    passwordPolicy.setChangeable(changeable);
422                    passwordPolicy.setChangeRequired(changeRequired);
423                    passwordPolicy.setMinAge(minAge);
424                    passwordPolicy.setCheckSyntax(checkSyntax);
425                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
426                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
427                    passwordPolicy.setMinLength(minLength);
428                    passwordPolicy.setMinLowerCase(minLowerCase);
429                    passwordPolicy.setMinNumbers(minNumbers);
430                    passwordPolicy.setMinSymbols(minSymbols);
431                    passwordPolicy.setMinUpperCase(minUpperCase);
432                    passwordPolicy.setRegex(regex);
433                    passwordPolicy.setHistory(history);
434                    passwordPolicy.setHistoryCount(historyCount);
435                    passwordPolicy.setExpireable(expireable);
436                    passwordPolicy.setMaxAge(maxAge);
437                    passwordPolicy.setWarningTime(warningTime);
438                    passwordPolicy.setGraceLimit(graceLimit);
439                    passwordPolicy.setLockout(lockout);
440                    passwordPolicy.setMaxFailure(maxFailure);
441                    passwordPolicy.setLockoutDuration(lockoutDuration);
442                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
443                    passwordPolicy.setResetFailureCount(resetFailureCount);
444                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
445                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
446    
447                    passwordPolicyPersistence.update(passwordPolicy);
448    
449                    return passwordPolicy;
450            }
451    
452            protected void validate(long passwordPolicyId, long companyId, String name)
453                    throws PortalException, SystemException {
454    
455                    if (Validator.isNull(name) || Validator.isNumber(name) ||
456                            (name.indexOf(CharPool.COMMA) != -1) ||
457                            (name.indexOf(CharPool.STAR) != -1)) {
458    
459                            throw new PasswordPolicyNameException();
460                    }
461    
462                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
463                            companyId, name);
464    
465                    if (passwordPolicy != null) {
466                            if ((passwordPolicyId <= 0) ||
467                                    (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
468    
469                                    throw new DuplicatePasswordPolicyException();
470                            }
471                    }
472            }
473    
474    }