001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.exception.DuplicatePasswordPolicyException;
018 import com.liferay.portal.exception.PasswordPolicyNameException;
019 import com.liferay.portal.exception.RequiredPasswordPolicyException;
020 import com.liferay.portal.kernel.cache.thread.local.ThreadLocalCachable;
021 import com.liferay.portal.kernel.exception.PortalException;
022 import com.liferay.portal.kernel.systemevent.SystemEvent;
023 import com.liferay.portal.kernel.util.ArrayUtil;
024 import com.liferay.portal.kernel.util.CharPool;
025 import com.liferay.portal.kernel.util.OrderByComparator;
026 import com.liferay.portal.kernel.util.Validator;
027 import com.liferay.portal.model.Organization;
028 import com.liferay.portal.model.PasswordPolicy;
029 import com.liferay.portal.model.PasswordPolicyRel;
030 import com.liferay.portal.model.ResourceConstants;
031 import com.liferay.portal.model.SystemEventConstants;
032 import com.liferay.portal.model.User;
033 import com.liferay.portal.security.auth.CompanyThreadLocal;
034 import com.liferay.portal.security.ldap.LDAPSettingsUtil;
035 import com.liferay.portal.service.ServiceContext;
036 import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
037 import com.liferay.portal.util.PropsValues;
038
039 import java.util.List;
040
041
044 public class PasswordPolicyLocalServiceImpl
045 extends PasswordPolicyLocalServiceBaseImpl {
046
047
054 @Deprecated
055 @Override
056 public PasswordPolicy addPasswordPolicy(
057 long userId, boolean defaultPolicy, String name, String description,
058 boolean changeable, boolean changeRequired, long minAge,
059 boolean checkSyntax, boolean allowDictionaryWords,
060 int minAlphanumeric, int minLength, int minLowerCase,
061 int minNumbers, int minSymbols, int minUpperCase, boolean history,
062 int historyCount, boolean expireable, long maxAge, long warningTime,
063 int graceLimit, boolean lockout, int maxFailure,
064 long lockoutDuration, long resetFailureCount,
065 long resetTicketMaxAge)
066 throws PortalException {
067
068 return addPasswordPolicy(
069 userId, defaultPolicy, name, description, changeable,
070 changeRequired, minAge, checkSyntax, allowDictionaryWords,
071 minAlphanumeric, minLength, minLowerCase, minNumbers, minSymbols,
072 minUpperCase, null, history, historyCount, expireable, maxAge,
073 warningTime, graceLimit, lockout, maxFailure, lockoutDuration,
074 resetFailureCount, resetTicketMaxAge, new ServiceContext());
075 }
076
077 @Override
078 public PasswordPolicy addPasswordPolicy(
079 long userId, boolean defaultPolicy, String name, String description,
080 boolean changeable, boolean changeRequired, long minAge,
081 boolean checkSyntax, boolean allowDictionaryWords,
082 int minAlphanumeric, int minLength, int minLowerCase,
083 int minNumbers, int minSymbols, int minUpperCase, String regex,
084 boolean history, int historyCount, boolean expireable, long maxAge,
085 long warningTime, int graceLimit, boolean lockout, int maxFailure,
086 long lockoutDuration, long resetFailureCount,
087 long resetTicketMaxAge, ServiceContext serviceContext)
088 throws PortalException {
089
090
091
092 User user = userPersistence.findByPrimaryKey(userId);
093
094 validate(0, user.getCompanyId(), name);
095
096 long passwordPolicyId = counterLocalService.increment();
097
098 PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
099 passwordPolicyId);
100
101 passwordPolicy.setUuid(serviceContext.getUuid());
102 passwordPolicy.setCompanyId(user.getCompanyId());
103 passwordPolicy.setUserId(userId);
104 passwordPolicy.setUserName(user.getFullName());
105 passwordPolicy.setDefaultPolicy(defaultPolicy);
106 passwordPolicy.setName(name);
107 passwordPolicy.setDescription(description);
108 passwordPolicy.setChangeable(changeable);
109 passwordPolicy.setChangeRequired(changeRequired);
110 passwordPolicy.setMinAge(minAge);
111 passwordPolicy.setCheckSyntax(checkSyntax);
112 passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
113 passwordPolicy.setMinAlphanumeric(minAlphanumeric);
114 passwordPolicy.setMinLength(minLength);
115 passwordPolicy.setMinLowerCase(minLowerCase);
116 passwordPolicy.setMinNumbers(minNumbers);
117 passwordPolicy.setMinSymbols(minSymbols);
118 passwordPolicy.setMinUpperCase(minUpperCase);
119 passwordPolicy.setRegex(regex);
120 passwordPolicy.setHistory(history);
121 passwordPolicy.setHistoryCount(historyCount);
122 passwordPolicy.setExpireable(expireable);
123 passwordPolicy.setMaxAge(maxAge);
124 passwordPolicy.setWarningTime(warningTime);
125 passwordPolicy.setGraceLimit(graceLimit);
126 passwordPolicy.setLockout(lockout);
127 passwordPolicy.setMaxFailure(maxFailure);
128 passwordPolicy.setLockoutDuration(lockoutDuration);
129 passwordPolicy.setRequireUnlock(lockoutDuration == 0);
130 passwordPolicy.setResetFailureCount(resetFailureCount);
131 passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
132 passwordPolicy.setExpandoBridgeAttributes(serviceContext);
133
134 passwordPolicyPersistence.update(passwordPolicy);
135
136
137
138 if (!user.isDefaultUser()) {
139 resourceLocalService.addResources(
140 user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
141 passwordPolicy.getPasswordPolicyId(), false, false, false);
142 }
143
144 return passwordPolicy;
145 }
146
147 @Override
148 public void checkDefaultPasswordPolicy(long companyId)
149 throws PortalException {
150
151 String defaultPasswordPolicyName =
152 PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
153
154 PasswordPolicy defaultPasswordPolicy =
155 passwordPolicyPersistence.fetchByC_N(
156 companyId, defaultPasswordPolicyName);
157
158 if (defaultPasswordPolicy == null) {
159 long defaultUserId = userLocalService.getDefaultUserId(companyId);
160
161 addPasswordPolicy(
162 defaultUserId, true, defaultPasswordPolicyName,
163 defaultPasswordPolicyName,
164 PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
165 PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
166 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
167 PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
168 PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
169 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
170 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
171 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
172 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
173 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
174 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
175 PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
176 PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
177 PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
178 PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
179 PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
180 PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
181 PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
182 PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
183 PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
184 PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
185 PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
186 PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE,
187 new ServiceContext());
188 }
189 }
190
191 @Override
192 public void deleteNondefaultPasswordPolicies(long companyId)
193 throws PortalException {
194
195 List<PasswordPolicy> passwordPolicies =
196 passwordPolicyPersistence.findByCompanyId(companyId);
197
198 for (PasswordPolicy passwordPolicy : passwordPolicies) {
199 if (!passwordPolicy.isDefaultPolicy()) {
200 passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
201 }
202 }
203 }
204
205 @Override
206 public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
207 throws PortalException {
208
209 PasswordPolicy passwordPolicy =
210 passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
211
212 return passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
213 }
214
215 @Override
216 @SystemEvent(
217 action = SystemEventConstants.ACTION_SKIP,
218 type = SystemEventConstants.TYPE_DELETE
219 )
220 public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
221 throws PortalException {
222
223 if (passwordPolicy.isDefaultPolicy() &&
224 !CompanyThreadLocal.isDeleteInProcess()) {
225
226 throw new RequiredPasswordPolicyException();
227 }
228
229
230
231 passwordPolicyRelLocalService.deletePasswordPolicyRels(
232 passwordPolicy.getPasswordPolicyId());
233
234
235
236 resourceLocalService.deleteResource(
237 passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
238 ResourceConstants.SCOPE_INDIVIDUAL,
239 passwordPolicy.getPasswordPolicyId());
240
241
242
243 return passwordPolicyPersistence.remove(passwordPolicy);
244 }
245
246 @Override
247 public PasswordPolicy fetchPasswordPolicy(long companyId, String name) {
248 return passwordPolicyPersistence.fetchByC_N(companyId, name);
249 }
250
251 @Override
252 public PasswordPolicy getDefaultPasswordPolicy(long companyId)
253 throws PortalException {
254
255 if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
256 return null;
257 }
258
259 return passwordPolicyPersistence.findByC_DP(companyId, true);
260 }
261
262
265 @Deprecated
266 @Override
267 public PasswordPolicy getPasswordPolicy(
268 long companyId, long organizationId, long locationId)
269 throws PortalException {
270
271 return getPasswordPolicy(
272 companyId, new long[] {organizationId, locationId});
273 }
274
275 @Override
276 public PasswordPolicy getPasswordPolicy(
277 long companyId, long[] organizationIds)
278 throws PortalException {
279
280 if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
281 return null;
282 }
283
284 if (ArrayUtil.isEmpty(organizationIds)) {
285 return getDefaultPasswordPolicy(companyId);
286 }
287
288 long classNameId = classNameLocalService.getClassNameId(
289 Organization.class.getName());
290
291 PasswordPolicyRel passwordPolicyRel = null;
292
293 for (int i = 0; i < organizationIds.length; i++) {
294 long organizationId = organizationIds[i];
295
296 passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
297 classNameId, organizationId);
298
299 if (passwordPolicyRel != null) {
300 return passwordPolicyPersistence.findByPrimaryKey(
301 passwordPolicyRel.getPasswordPolicyId());
302 }
303 }
304
305 return getDefaultPasswordPolicy(companyId);
306 }
307
308 @Override
309 @ThreadLocalCachable
310 public PasswordPolicy getPasswordPolicyByUserId(long userId)
311 throws PortalException {
312
313 User user = userPersistence.findByPrimaryKey(userId);
314
315 if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
316 return null;
317 }
318
319 long classNameId = classNameLocalService.getClassNameId(
320 User.class.getName());
321
322 PasswordPolicyRel passwordPolicyRel =
323 passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
324
325 if (passwordPolicyRel != null) {
326 return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
327 }
328
329 long[] organizationIds = userPersistence.getOrganizationPrimaryKeys(
330 userId);
331
332 if (organizationIds.length == 0) {
333 return passwordPolicyPersistence.findByC_DP(
334 user.getCompanyId(), true);
335 }
336
337 return getPasswordPolicy(user.getCompanyId(), organizationIds);
338 }
339
340 @Override
341 public List<PasswordPolicy> search(
342 long companyId, String name, int start, int end,
343 OrderByComparator<PasswordPolicy> obc) {
344
345 return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
346 }
347
348 @Override
349 public int searchCount(long companyId, String name) {
350 return passwordPolicyFinder.countByC_N(companyId, name);
351 }
352
353
360 @Deprecated
361 @Override
362 public PasswordPolicy updatePasswordPolicy(
363 long passwordPolicyId, String name, String description,
364 boolean changeable, boolean changeRequired, long minAge,
365 boolean checkSyntax, boolean allowDictionaryWords,
366 int minAlphanumeric, int minLength, int minLowerCase,
367 int minNumbers, int minSymbols, int minUpperCase, boolean history,
368 int historyCount, boolean expireable, long maxAge, long warningTime,
369 int graceLimit, boolean lockout, int maxFailure,
370 long lockoutDuration, long resetFailureCount,
371 long resetTicketMaxAge)
372 throws PortalException {
373
374 return updatePasswordPolicy(
375 passwordPolicyId, name, description, changeable, changeRequired,
376 minAge, checkSyntax, allowDictionaryWords, minAlphanumeric,
377 minLength, minLowerCase, minNumbers, minSymbols, minUpperCase, null,
378 history, historyCount, expireable, maxAge, warningTime, graceLimit,
379 lockout, maxFailure, lockoutDuration, resetFailureCount,
380 resetTicketMaxAge, new ServiceContext());
381 }
382
383 @Override
384 public PasswordPolicy updatePasswordPolicy(
385 long passwordPolicyId, String name, String description,
386 boolean changeable, boolean changeRequired, long minAge,
387 boolean checkSyntax, boolean allowDictionaryWords,
388 int minAlphanumeric, int minLength, int minLowerCase,
389 int minNumbers, int minSymbols, int minUpperCase, String regex,
390 boolean history, int historyCount, boolean expireable, long maxAge,
391 long warningTime, int graceLimit, boolean lockout, int maxFailure,
392 long lockoutDuration, long resetFailureCount,
393 long resetTicketMaxAge, ServiceContext serviceContext)
394 throws PortalException {
395
396 PasswordPolicy passwordPolicy =
397 passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
398
399 if (!passwordPolicy.getDefaultPolicy()) {
400 validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
401
402 passwordPolicy.setName(name);
403 }
404
405 passwordPolicy.setDescription(description);
406 passwordPolicy.setChangeable(changeable);
407 passwordPolicy.setChangeRequired(changeRequired);
408 passwordPolicy.setMinAge(minAge);
409 passwordPolicy.setCheckSyntax(checkSyntax);
410 passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
411 passwordPolicy.setMinAlphanumeric(minAlphanumeric);
412 passwordPolicy.setMinLength(minLength);
413 passwordPolicy.setMinLowerCase(minLowerCase);
414 passwordPolicy.setMinNumbers(minNumbers);
415 passwordPolicy.setMinSymbols(minSymbols);
416 passwordPolicy.setMinUpperCase(minUpperCase);
417 passwordPolicy.setRegex(regex);
418 passwordPolicy.setHistory(history);
419 passwordPolicy.setHistoryCount(historyCount);
420 passwordPolicy.setExpireable(expireable);
421 passwordPolicy.setMaxAge(maxAge);
422 passwordPolicy.setWarningTime(warningTime);
423 passwordPolicy.setGraceLimit(graceLimit);
424 passwordPolicy.setLockout(lockout);
425 passwordPolicy.setMaxFailure(maxFailure);
426 passwordPolicy.setLockoutDuration(lockoutDuration);
427 passwordPolicy.setRequireUnlock(lockoutDuration == 0);
428 passwordPolicy.setResetFailureCount(resetFailureCount);
429 passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
430 passwordPolicy.setExpandoBridgeAttributes(serviceContext);
431
432 passwordPolicyPersistence.update(passwordPolicy);
433
434 return passwordPolicy;
435 }
436
437 protected void validate(long passwordPolicyId, long companyId, String name)
438 throws PortalException {
439
440 if (Validator.isNull(name) || Validator.isNumber(name) ||
441 (name.indexOf(CharPool.COMMA) != -1) ||
442 (name.indexOf(CharPool.STAR) != -1)) {
443
444 throw new PasswordPolicyNameException();
445 }
446
447 PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
448 companyId, name);
449
450 if ((passwordPolicy != null) &&
451 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
452
453 throw new DuplicatePasswordPolicyException(
454 "{passwordPolicyId=" + passwordPolicyId + "}");
455 }
456 }
457
458 }