001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.exception.DuplicatePasswordPolicyException;
018    import com.liferay.portal.exception.PasswordPolicyNameException;
019    import com.liferay.portal.exception.RequiredPasswordPolicyException;
020    import com.liferay.portal.kernel.cache.thread.local.ThreadLocalCachable;
021    import com.liferay.portal.kernel.exception.PortalException;
022    import com.liferay.portal.kernel.systemevent.SystemEvent;
023    import com.liferay.portal.kernel.util.ArrayUtil;
024    import com.liferay.portal.kernel.util.CharPool;
025    import com.liferay.portal.kernel.util.OrderByComparator;
026    import com.liferay.portal.kernel.util.Validator;
027    import com.liferay.portal.model.Organization;
028    import com.liferay.portal.model.PasswordPolicy;
029    import com.liferay.portal.model.PasswordPolicyRel;
030    import com.liferay.portal.model.ResourceConstants;
031    import com.liferay.portal.model.SystemEventConstants;
032    import com.liferay.portal.model.User;
033    import com.liferay.portal.security.auth.CompanyThreadLocal;
034    import com.liferay.portal.security.ldap.LDAPSettingsUtil;
035    import com.liferay.portal.service.ServiceContext;
036    import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
037    import com.liferay.portal.util.PropsValues;
038    
039    import java.util.List;
040    
041    /**
042     * @author Scott Lee
043     */
044    public class PasswordPolicyLocalServiceImpl
045            extends PasswordPolicyLocalServiceBaseImpl {
046    
047            /**
048             * @deprecated As of 6.2.0, replaced by {@link #addPasswordPolicy(long,
049             *             boolean, String, String, boolean, boolean, long, boolean,
050             *             boolean, int, int, int, int, int, int, String, boolean, int,
051             *             boolean, long, long, int, boolean, int, long, long, long,
052             *             ServiceContext)}
053             */
054            @Deprecated
055            @Override
056            public PasswordPolicy addPasswordPolicy(
057                            long userId, boolean defaultPolicy, String name, String description,
058                            boolean changeable, boolean changeRequired, long minAge,
059                            boolean checkSyntax, boolean allowDictionaryWords,
060                            int minAlphanumeric, int minLength, int minLowerCase,
061                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
062                            int historyCount, boolean expireable, long maxAge, long warningTime,
063                            int graceLimit, boolean lockout, int maxFailure,
064                            long lockoutDuration, long resetFailureCount,
065                            long resetTicketMaxAge)
066                    throws PortalException {
067    
068                    return addPasswordPolicy(
069                            userId, defaultPolicy, name, description, changeable,
070                            changeRequired, minAge, checkSyntax, allowDictionaryWords,
071                            minAlphanumeric, minLength, minLowerCase, minNumbers, minSymbols,
072                            minUpperCase, null, history, historyCount, expireable, maxAge,
073                            warningTime, graceLimit, lockout, maxFailure, lockoutDuration,
074                            resetFailureCount, resetTicketMaxAge, new ServiceContext());
075            }
076    
077            @Override
078            public PasswordPolicy addPasswordPolicy(
079                            long userId, boolean defaultPolicy, String name, String description,
080                            boolean changeable, boolean changeRequired, long minAge,
081                            boolean checkSyntax, boolean allowDictionaryWords,
082                            int minAlphanumeric, int minLength, int minLowerCase,
083                            int minNumbers, int minSymbols, int minUpperCase, String regex,
084                            boolean history, int historyCount, boolean expireable, long maxAge,
085                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
086                            long lockoutDuration, long resetFailureCount,
087                            long resetTicketMaxAge, ServiceContext serviceContext)
088                    throws PortalException {
089    
090                    // Password policy
091    
092                    User user = userPersistence.findByPrimaryKey(userId);
093    
094                    validate(0, user.getCompanyId(), name);
095    
096                    long passwordPolicyId = counterLocalService.increment();
097    
098                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
099                            passwordPolicyId);
100    
101                    passwordPolicy.setUuid(serviceContext.getUuid());
102                    passwordPolicy.setCompanyId(user.getCompanyId());
103                    passwordPolicy.setUserId(userId);
104                    passwordPolicy.setUserName(user.getFullName());
105                    passwordPolicy.setDefaultPolicy(defaultPolicy);
106                    passwordPolicy.setName(name);
107                    passwordPolicy.setDescription(description);
108                    passwordPolicy.setChangeable(changeable);
109                    passwordPolicy.setChangeRequired(changeRequired);
110                    passwordPolicy.setMinAge(minAge);
111                    passwordPolicy.setCheckSyntax(checkSyntax);
112                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
113                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
114                    passwordPolicy.setMinLength(minLength);
115                    passwordPolicy.setMinLowerCase(minLowerCase);
116                    passwordPolicy.setMinNumbers(minNumbers);
117                    passwordPolicy.setMinSymbols(minSymbols);
118                    passwordPolicy.setMinUpperCase(minUpperCase);
119                    passwordPolicy.setRegex(regex);
120                    passwordPolicy.setHistory(history);
121                    passwordPolicy.setHistoryCount(historyCount);
122                    passwordPolicy.setExpireable(expireable);
123                    passwordPolicy.setMaxAge(maxAge);
124                    passwordPolicy.setWarningTime(warningTime);
125                    passwordPolicy.setGraceLimit(graceLimit);
126                    passwordPolicy.setLockout(lockout);
127                    passwordPolicy.setMaxFailure(maxFailure);
128                    passwordPolicy.setLockoutDuration(lockoutDuration);
129                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
130                    passwordPolicy.setResetFailureCount(resetFailureCount);
131                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
132                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
133    
134                    passwordPolicyPersistence.update(passwordPolicy);
135    
136                    // Resources
137    
138                    if (!user.isDefaultUser()) {
139                            resourceLocalService.addResources(
140                                    user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
141                                    passwordPolicy.getPasswordPolicyId(), false, false, false);
142                    }
143    
144                    return passwordPolicy;
145            }
146    
147            @Override
148            public void checkDefaultPasswordPolicy(long companyId)
149                    throws PortalException {
150    
151                    String defaultPasswordPolicyName =
152                            PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
153    
154                    PasswordPolicy defaultPasswordPolicy =
155                            passwordPolicyPersistence.fetchByC_N(
156                                    companyId, defaultPasswordPolicyName);
157    
158                    if (defaultPasswordPolicy == null) {
159                            long defaultUserId = userLocalService.getDefaultUserId(companyId);
160    
161                            addPasswordPolicy(
162                                    defaultUserId, true, defaultPasswordPolicyName,
163                                    defaultPasswordPolicyName,
164                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
165                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
166                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
167                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
168                                    PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
169                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
170                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
171                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
172                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
173                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
174                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
175                                    PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
176                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
177                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
178                                    PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
179                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
180                                    PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
181                                    PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
182                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
183                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
184                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
185                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
186                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE,
187                                    new ServiceContext());
188                    }
189            }
190    
191            @Override
192            public void deleteNondefaultPasswordPolicies(long companyId)
193                    throws PortalException {
194    
195                    List<PasswordPolicy> passwordPolicies =
196                            passwordPolicyPersistence.findByCompanyId(companyId);
197    
198                    for (PasswordPolicy passwordPolicy : passwordPolicies) {
199                            if (!passwordPolicy.isDefaultPolicy()) {
200                                    passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
201                            }
202                    }
203            }
204    
205            @Override
206            public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
207                    throws PortalException {
208    
209                    PasswordPolicy passwordPolicy =
210                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
211    
212                    return passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
213            }
214    
215            @Override
216            @SystemEvent(
217                    action = SystemEventConstants.ACTION_SKIP,
218                    type = SystemEventConstants.TYPE_DELETE
219            )
220            public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
221                    throws PortalException {
222    
223                    if (passwordPolicy.isDefaultPolicy() &&
224                            !CompanyThreadLocal.isDeleteInProcess()) {
225    
226                            throw new RequiredPasswordPolicyException();
227                    }
228    
229                    // Password policy relations
230    
231                    passwordPolicyRelLocalService.deletePasswordPolicyRels(
232                            passwordPolicy.getPasswordPolicyId());
233    
234                    // Resources
235    
236                    resourceLocalService.deleteResource(
237                            passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
238                            ResourceConstants.SCOPE_INDIVIDUAL,
239                            passwordPolicy.getPasswordPolicyId());
240    
241                    // Password policy
242    
243                    return passwordPolicyPersistence.remove(passwordPolicy);
244            }
245    
246            @Override
247            public PasswordPolicy fetchPasswordPolicy(long companyId, String name) {
248                    return passwordPolicyPersistence.fetchByC_N(companyId, name);
249            }
250    
251            @Override
252            public PasswordPolicy getDefaultPasswordPolicy(long companyId)
253                    throws PortalException {
254    
255                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
256                            return null;
257                    }
258    
259                    return passwordPolicyPersistence.findByC_DP(companyId, true);
260            }
261    
262            /**
263             * @deprecated As of 6.1.0
264             */
265            @Deprecated
266            @Override
267            public PasswordPolicy getPasswordPolicy(
268                            long companyId, long organizationId, long locationId)
269                    throws PortalException {
270    
271                    return getPasswordPolicy(
272                            companyId, new long[] {organizationId, locationId});
273            }
274    
275            @Override
276            public PasswordPolicy getPasswordPolicy(
277                            long companyId, long[] organizationIds)
278                    throws PortalException {
279    
280                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
281                            return null;
282                    }
283    
284                    if (ArrayUtil.isEmpty(organizationIds)) {
285                            return getDefaultPasswordPolicy(companyId);
286                    }
287    
288                    long classNameId = classNameLocalService.getClassNameId(
289                            Organization.class.getName());
290    
291                    PasswordPolicyRel passwordPolicyRel = null;
292    
293                    for (int i = 0; i < organizationIds.length; i++) {
294                            long organizationId = organizationIds[i];
295    
296                            passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
297                                    classNameId, organizationId);
298    
299                            if (passwordPolicyRel != null) {
300                                    return passwordPolicyPersistence.findByPrimaryKey(
301                                            passwordPolicyRel.getPasswordPolicyId());
302                            }
303                    }
304    
305                    return getDefaultPasswordPolicy(companyId);
306            }
307    
308            @Override
309            @ThreadLocalCachable
310            public PasswordPolicy getPasswordPolicyByUserId(long userId)
311                    throws PortalException {
312    
313                    User user = userPersistence.findByPrimaryKey(userId);
314    
315                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
316                            return null;
317                    }
318    
319                    long classNameId = classNameLocalService.getClassNameId(
320                            User.class.getName());
321    
322                    PasswordPolicyRel passwordPolicyRel =
323                            passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
324    
325                    if (passwordPolicyRel != null) {
326                            return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
327                    }
328    
329                    long[] organizationIds = userPersistence.getOrganizationPrimaryKeys(
330                            userId);
331    
332                    if (organizationIds.length == 0) {
333                            return passwordPolicyPersistence.findByC_DP(
334                                    user.getCompanyId(), true);
335                    }
336    
337                    return getPasswordPolicy(user.getCompanyId(), organizationIds);
338            }
339    
340            @Override
341            public List<PasswordPolicy> search(
342                    long companyId, String name, int start, int end,
343                    OrderByComparator<PasswordPolicy> obc) {
344    
345                    return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
346            }
347    
348            @Override
349            public int searchCount(long companyId, String name) {
350                    return passwordPolicyFinder.countByC_N(companyId, name);
351            }
352    
353            /**
354             * @deprecated As of 6.2.0, replaced by {@link #updatePasswordPolicy(long,
355             *             String, String, boolean, boolean, long, boolean, boolean,
356             *             int, int, int, int, int, int, String, boolean, int, boolean,
357             *             long, long, int, boolean, int, long, long, long,
358             *             ServiceContext)}
359             */
360            @Deprecated
361            @Override
362            public PasswordPolicy updatePasswordPolicy(
363                            long passwordPolicyId, String name, String description,
364                            boolean changeable, boolean changeRequired, long minAge,
365                            boolean checkSyntax, boolean allowDictionaryWords,
366                            int minAlphanumeric, int minLength, int minLowerCase,
367                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
368                            int historyCount, boolean expireable, long maxAge, long warningTime,
369                            int graceLimit, boolean lockout, int maxFailure,
370                            long lockoutDuration, long resetFailureCount,
371                            long resetTicketMaxAge)
372                    throws PortalException {
373    
374                    return updatePasswordPolicy(
375                            passwordPolicyId, name, description, changeable, changeRequired,
376                            minAge, checkSyntax, allowDictionaryWords, minAlphanumeric,
377                            minLength, minLowerCase, minNumbers, minSymbols, minUpperCase, null,
378                            history, historyCount, expireable, maxAge, warningTime, graceLimit,
379                            lockout, maxFailure, lockoutDuration, resetFailureCount,
380                            resetTicketMaxAge, new ServiceContext());
381            }
382    
383            @Override
384            public PasswordPolicy updatePasswordPolicy(
385                            long passwordPolicyId, String name, String description,
386                            boolean changeable, boolean changeRequired, long minAge,
387                            boolean checkSyntax, boolean allowDictionaryWords,
388                            int minAlphanumeric, int minLength, int minLowerCase,
389                            int minNumbers, int minSymbols, int minUpperCase, String regex,
390                            boolean history, int historyCount, boolean expireable, long maxAge,
391                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
392                            long lockoutDuration, long resetFailureCount,
393                            long resetTicketMaxAge, ServiceContext serviceContext)
394                    throws PortalException {
395    
396                    PasswordPolicy passwordPolicy =
397                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
398    
399                    if (!passwordPolicy.getDefaultPolicy()) {
400                            validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
401    
402                            passwordPolicy.setName(name);
403                    }
404    
405                    passwordPolicy.setDescription(description);
406                    passwordPolicy.setChangeable(changeable);
407                    passwordPolicy.setChangeRequired(changeRequired);
408                    passwordPolicy.setMinAge(minAge);
409                    passwordPolicy.setCheckSyntax(checkSyntax);
410                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
411                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
412                    passwordPolicy.setMinLength(minLength);
413                    passwordPolicy.setMinLowerCase(minLowerCase);
414                    passwordPolicy.setMinNumbers(minNumbers);
415                    passwordPolicy.setMinSymbols(minSymbols);
416                    passwordPolicy.setMinUpperCase(minUpperCase);
417                    passwordPolicy.setRegex(regex);
418                    passwordPolicy.setHistory(history);
419                    passwordPolicy.setHistoryCount(historyCount);
420                    passwordPolicy.setExpireable(expireable);
421                    passwordPolicy.setMaxAge(maxAge);
422                    passwordPolicy.setWarningTime(warningTime);
423                    passwordPolicy.setGraceLimit(graceLimit);
424                    passwordPolicy.setLockout(lockout);
425                    passwordPolicy.setMaxFailure(maxFailure);
426                    passwordPolicy.setLockoutDuration(lockoutDuration);
427                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
428                    passwordPolicy.setResetFailureCount(resetFailureCount);
429                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
430                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
431    
432                    passwordPolicyPersistence.update(passwordPolicy);
433    
434                    return passwordPolicy;
435            }
436    
437            protected void validate(long passwordPolicyId, long companyId, String name)
438                    throws PortalException {
439    
440                    if (Validator.isNull(name) || Validator.isNumber(name) ||
441                            (name.indexOf(CharPool.COMMA) != -1) ||
442                            (name.indexOf(CharPool.STAR) != -1)) {
443    
444                            throw new PasswordPolicyNameException();
445                    }
446    
447                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
448                            companyId, name);
449    
450                    if ((passwordPolicy != null) &&
451                            (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
452    
453                            throw new DuplicatePasswordPolicyException(
454                                    "{passwordPolicyId=" + passwordPolicyId + "}");
455                    }
456            }
457    
458    }