001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.DuplicatePasswordPolicyException;
018 import com.liferay.portal.PasswordPolicyNameException;
019 import com.liferay.portal.RequiredPasswordPolicyException;
020 import com.liferay.portal.kernel.cache.ThreadLocalCachable;
021 import com.liferay.portal.kernel.exception.PortalException;
022 import com.liferay.portal.kernel.exception.SystemException;
023 import com.liferay.portal.kernel.systemevent.SystemEvent;
024 import com.liferay.portal.kernel.util.ArrayUtil;
025 import com.liferay.portal.kernel.util.CharPool;
026 import com.liferay.portal.kernel.util.OrderByComparator;
027 import com.liferay.portal.kernel.util.Validator;
028 import com.liferay.portal.model.Organization;
029 import com.liferay.portal.model.PasswordPolicy;
030 import com.liferay.portal.model.PasswordPolicyRel;
031 import com.liferay.portal.model.ResourceConstants;
032 import com.liferay.portal.model.SystemEventConstants;
033 import com.liferay.portal.model.User;
034 import com.liferay.portal.security.auth.CompanyThreadLocal;
035 import com.liferay.portal.security.ldap.LDAPSettingsUtil;
036 import com.liferay.portal.service.ServiceContext;
037 import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
038 import com.liferay.portal.util.PropsValues;
039
040 import java.util.Date;
041 import java.util.List;
042
043
046 public class PasswordPolicyLocalServiceImpl
047 extends PasswordPolicyLocalServiceBaseImpl {
048
049
056 @Override
057 public PasswordPolicy addPasswordPolicy(
058 long userId, boolean defaultPolicy, String name, String description,
059 boolean changeable, boolean changeRequired, long minAge,
060 boolean checkSyntax, boolean allowDictionaryWords,
061 int minAlphanumeric, int minLength, int minLowerCase,
062 int minNumbers, int minSymbols, int minUpperCase, boolean history,
063 int historyCount, boolean expireable, long maxAge, long warningTime,
064 int graceLimit, boolean lockout, int maxFailure,
065 long lockoutDuration, long resetFailureCount,
066 long resetTicketMaxAge)
067 throws PortalException, SystemException {
068
069 return addPasswordPolicy(
070 userId, defaultPolicy, name, description, changeable,
071 changeRequired, minAge, checkSyntax, allowDictionaryWords,
072 minAlphanumeric, minLength, minLowerCase, minNumbers, minSymbols,
073 minUpperCase, null, history, historyCount, expireable, maxAge,
074 warningTime, graceLimit, lockout, maxFailure, lockoutDuration,
075 resetFailureCount, resetTicketMaxAge, new ServiceContext());
076 }
077
078 @Override
079 public PasswordPolicy addPasswordPolicy(
080 long userId, boolean defaultPolicy, String name, String description,
081 boolean changeable, boolean changeRequired, long minAge,
082 boolean checkSyntax, boolean allowDictionaryWords,
083 int minAlphanumeric, int minLength, int minLowerCase,
084 int minNumbers, int minSymbols, int minUpperCase, String regex,
085 boolean history, int historyCount, boolean expireable, long maxAge,
086 long warningTime, int graceLimit, boolean lockout, int maxFailure,
087 long lockoutDuration, long resetFailureCount,
088 long resetTicketMaxAge, ServiceContext serviceContext)
089 throws PortalException, SystemException {
090
091
092
093 User user = userPersistence.findByPrimaryKey(userId);
094 Date now = new Date();
095
096 validate(0, user.getCompanyId(), name);
097
098 long passwordPolicyId = counterLocalService.increment();
099
100 PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
101 passwordPolicyId);
102
103 passwordPolicy.setUuid(serviceContext.getUuid());
104 passwordPolicy.setCompanyId(user.getCompanyId());
105 passwordPolicy.setUserId(userId);
106 passwordPolicy.setUserName(user.getFullName());
107 passwordPolicy.setCreateDate(serviceContext.getCreateDate(now));
108 passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
109 passwordPolicy.setDefaultPolicy(defaultPolicy);
110 passwordPolicy.setName(name);
111 passwordPolicy.setDescription(description);
112 passwordPolicy.setChangeable(changeable);
113 passwordPolicy.setChangeRequired(changeRequired);
114 passwordPolicy.setMinAge(minAge);
115 passwordPolicy.setCheckSyntax(checkSyntax);
116 passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
117 passwordPolicy.setMinAlphanumeric(minAlphanumeric);
118 passwordPolicy.setMinLength(minLength);
119 passwordPolicy.setMinLowerCase(minLowerCase);
120 passwordPolicy.setMinNumbers(minNumbers);
121 passwordPolicy.setMinSymbols(minSymbols);
122 passwordPolicy.setMinUpperCase(minUpperCase);
123 passwordPolicy.setRegex(regex);
124 passwordPolicy.setHistory(history);
125 passwordPolicy.setHistoryCount(historyCount);
126 passwordPolicy.setExpireable(expireable);
127 passwordPolicy.setMaxAge(maxAge);
128 passwordPolicy.setWarningTime(warningTime);
129 passwordPolicy.setGraceLimit(graceLimit);
130 passwordPolicy.setLockout(lockout);
131 passwordPolicy.setMaxFailure(maxFailure);
132 passwordPolicy.setLockoutDuration(lockoutDuration);
133 passwordPolicy.setRequireUnlock(lockoutDuration == 0);
134 passwordPolicy.setResetFailureCount(resetFailureCount);
135 passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
136 passwordPolicy.setExpandoBridgeAttributes(serviceContext);
137
138 passwordPolicyPersistence.update(passwordPolicy);
139
140
141
142 if (!user.isDefaultUser()) {
143 resourceLocalService.addResources(
144 user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
145 passwordPolicy.getPasswordPolicyId(), false, false, false);
146 }
147
148 return passwordPolicy;
149 }
150
151 @Override
152 public void checkDefaultPasswordPolicy(long companyId)
153 throws PortalException, SystemException {
154
155 String defaultPasswordPolicyName =
156 PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
157
158 PasswordPolicy defaultPasswordPolicy =
159 passwordPolicyPersistence.fetchByC_N(
160 companyId, defaultPasswordPolicyName);
161
162 if (defaultPasswordPolicy == null) {
163 long defaultUserId = userLocalService.getDefaultUserId(companyId);
164
165 addPasswordPolicy(
166 defaultUserId, true, defaultPasswordPolicyName,
167 defaultPasswordPolicyName,
168 PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
169 PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
170 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
171 PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
172 PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
173 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
174 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
175 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
176 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
177 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
178 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
179 PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
180 PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
181 PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
182 PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
183 PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
184 PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
185 PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
186 PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
187 PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
188 PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
189 PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
190 PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE,
191 new ServiceContext());
192 }
193 }
194
195 @Override
196 public void deleteNondefaultPasswordPolicies(long companyId)
197 throws PortalException, SystemException {
198
199 List<PasswordPolicy> passwordPolicies =
200 passwordPolicyPersistence.findByCompanyId(companyId);
201
202 for (PasswordPolicy passwordPolicy : passwordPolicies) {
203 if (!passwordPolicy.isDefaultPolicy()) {
204 passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
205 }
206 }
207 }
208
209 @Override
210 public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
211 throws PortalException, SystemException {
212
213 PasswordPolicy passwordPolicy =
214 passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
215
216 return passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
217 }
218
219 @Override
220 @SystemEvent(
221 action = SystemEventConstants.ACTION_SKIP,
222 type = SystemEventConstants.TYPE_DELETE)
223 public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
224 throws PortalException, SystemException {
225
226 if (passwordPolicy.isDefaultPolicy() &&
227 !CompanyThreadLocal.isDeleteInProcess()) {
228
229 throw new RequiredPasswordPolicyException();
230 }
231
232
233
234 passwordPolicyRelLocalService.deletePasswordPolicyRels(
235 passwordPolicy.getPasswordPolicyId());
236
237
238
239 resourceLocalService.deleteResource(
240 passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
241 ResourceConstants.SCOPE_INDIVIDUAL,
242 passwordPolicy.getPasswordPolicyId());
243
244
245
246 return passwordPolicyPersistence.remove(passwordPolicy);
247 }
248
249 @Override
250 public PasswordPolicy fetchPasswordPolicy(long companyId, String name)
251 throws SystemException {
252
253 return passwordPolicyPersistence.fetchByC_N(companyId, name);
254 }
255
256 @Override
257 public PasswordPolicy getDefaultPasswordPolicy(long companyId)
258 throws PortalException, SystemException {
259
260 if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
261 return null;
262 }
263
264 return passwordPolicyPersistence.findByC_DP(companyId, true);
265 }
266
267
270 @Override
271 public PasswordPolicy getPasswordPolicy(
272 long companyId, long organizationId, long locationId)
273 throws PortalException, SystemException {
274
275 return getPasswordPolicy(
276 companyId, new long[] {organizationId, locationId});
277 }
278
279 @Override
280 public PasswordPolicy getPasswordPolicy(
281 long companyId, long[] organizationIds)
282 throws PortalException, SystemException {
283
284 if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
285 return null;
286 }
287
288 if (ArrayUtil.isEmpty(organizationIds)) {
289 return getDefaultPasswordPolicy(companyId);
290 }
291
292 long classNameId = classNameLocalService.getClassNameId(
293 Organization.class.getName());
294
295 PasswordPolicyRel passwordPolicyRel = null;
296
297 for (int i = 0; i < organizationIds.length; i++) {
298 long organizationId = organizationIds[i];
299
300 passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
301 classNameId, organizationId);
302
303 if (passwordPolicyRel != null) {
304 return passwordPolicyPersistence.findByPrimaryKey(
305 passwordPolicyRel.getPasswordPolicyId());
306 }
307 }
308
309 return getDefaultPasswordPolicy(companyId);
310 }
311
312 @Override
313 @ThreadLocalCachable
314 public PasswordPolicy getPasswordPolicyByUserId(long userId)
315 throws PortalException, SystemException {
316
317 User user = userPersistence.findByPrimaryKey(userId);
318
319 if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
320 return null;
321 }
322
323 long classNameId = classNameLocalService.getClassNameId(
324 User.class.getName());
325
326 PasswordPolicyRel passwordPolicyRel =
327 passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
328
329 if (passwordPolicyRel != null) {
330 return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
331 }
332
333 List<Organization> organizations = userPersistence.getOrganizations(
334 userId);
335
336 if (organizations.isEmpty()) {
337 return passwordPolicyPersistence.findByC_DP(
338 user.getCompanyId(), true);
339 }
340
341 long[] organizationIds = new long[organizations.size()];
342
343 for (int i = 0; i < organizationIds.length; i++) {
344 Organization organization = organizations.get(i);
345
346 organizationIds[i] = organization.getOrganizationId();
347 }
348
349 return getPasswordPolicy(user.getCompanyId(), organizationIds);
350 }
351
352 @Override
353 public List<PasswordPolicy> search(
354 long companyId, String name, int start, int end,
355 OrderByComparator obc)
356 throws SystemException {
357
358 return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
359 }
360
361 @Override
362 public int searchCount(long companyId, String name) throws SystemException {
363 return passwordPolicyFinder.countByC_N(companyId, name);
364 }
365
366
373 @Override
374 public PasswordPolicy updatePasswordPolicy(
375 long passwordPolicyId, String name, String description,
376 boolean changeable, boolean changeRequired, long minAge,
377 boolean checkSyntax, boolean allowDictionaryWords,
378 int minAlphanumeric, int minLength, int minLowerCase,
379 int minNumbers, int minSymbols, int minUpperCase, boolean history,
380 int historyCount, boolean expireable, long maxAge, long warningTime,
381 int graceLimit, boolean lockout, int maxFailure,
382 long lockoutDuration, long resetFailureCount,
383 long resetTicketMaxAge)
384 throws PortalException, SystemException {
385
386 return updatePasswordPolicy(
387 passwordPolicyId, name, description, changeable, changeRequired,
388 minAge, checkSyntax, allowDictionaryWords, minAlphanumeric,
389 minLength, minLowerCase, minNumbers, minSymbols, minUpperCase, null,
390 history, historyCount, expireable, maxAge, warningTime, graceLimit,
391 lockout, maxFailure, lockoutDuration, resetFailureCount,
392 resetTicketMaxAge, new ServiceContext());
393 }
394
395 @Override
396 public PasswordPolicy updatePasswordPolicy(
397 long passwordPolicyId, String name, String description,
398 boolean changeable, boolean changeRequired, long minAge,
399 boolean checkSyntax, boolean allowDictionaryWords,
400 int minAlphanumeric, int minLength, int minLowerCase,
401 int minNumbers, int minSymbols, int minUpperCase, String regex,
402 boolean history, int historyCount, boolean expireable, long maxAge,
403 long warningTime, int graceLimit, boolean lockout, int maxFailure,
404 long lockoutDuration, long resetFailureCount,
405 long resetTicketMaxAge, ServiceContext serviceContext)
406 throws PortalException, SystemException {
407
408 Date now = new Date();
409
410 PasswordPolicy passwordPolicy =
411 passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
412
413 if (!passwordPolicy.getDefaultPolicy()) {
414 validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
415
416 passwordPolicy.setName(name);
417 }
418
419 passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
420 passwordPolicy.setDescription(description);
421 passwordPolicy.setChangeable(changeable);
422 passwordPolicy.setChangeRequired(changeRequired);
423 passwordPolicy.setMinAge(minAge);
424 passwordPolicy.setCheckSyntax(checkSyntax);
425 passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
426 passwordPolicy.setMinAlphanumeric(minAlphanumeric);
427 passwordPolicy.setMinLength(minLength);
428 passwordPolicy.setMinLowerCase(minLowerCase);
429 passwordPolicy.setMinNumbers(minNumbers);
430 passwordPolicy.setMinSymbols(minSymbols);
431 passwordPolicy.setMinUpperCase(minUpperCase);
432 passwordPolicy.setRegex(regex);
433 passwordPolicy.setHistory(history);
434 passwordPolicy.setHistoryCount(historyCount);
435 passwordPolicy.setExpireable(expireable);
436 passwordPolicy.setMaxAge(maxAge);
437 passwordPolicy.setWarningTime(warningTime);
438 passwordPolicy.setGraceLimit(graceLimit);
439 passwordPolicy.setLockout(lockout);
440 passwordPolicy.setMaxFailure(maxFailure);
441 passwordPolicy.setLockoutDuration(lockoutDuration);
442 passwordPolicy.setRequireUnlock(lockoutDuration == 0);
443 passwordPolicy.setResetFailureCount(resetFailureCount);
444 passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
445 passwordPolicy.setExpandoBridgeAttributes(serviceContext);
446
447 passwordPolicyPersistence.update(passwordPolicy);
448
449 return passwordPolicy;
450 }
451
452 protected void validate(long passwordPolicyId, long companyId, String name)
453 throws PortalException, SystemException {
454
455 if (Validator.isNull(name) || Validator.isNumber(name) ||
456 (name.indexOf(CharPool.COMMA) != -1) ||
457 (name.indexOf(CharPool.STAR) != -1)) {
458
459 throw new PasswordPolicyNameException();
460 }
461
462 PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
463 companyId, name);
464
465 if ((passwordPolicy != null) &&
466 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
467
468 throw new DuplicatePasswordPolicyException(
469 "{passwordPolicyId=" + passwordPolicyId + "}");
470 }
471 }
472
473 }