001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.exception.DuplicatePasswordPolicyException;
018 import com.liferay.portal.exception.PasswordPolicyNameException;
019 import com.liferay.portal.exception.RequiredPasswordPolicyException;
020 import com.liferay.portal.kernel.cache.thread.local.ThreadLocalCachable;
021 import com.liferay.portal.kernel.exception.PortalException;
022 import com.liferay.portal.kernel.security.auth.CompanyThreadLocal;
023 import com.liferay.portal.kernel.security.ldap.LDAPSettingsUtil;
024 import com.liferay.portal.kernel.systemevent.SystemEvent;
025 import com.liferay.portal.kernel.util.ArrayUtil;
026 import com.liferay.portal.kernel.util.CharPool;
027 import com.liferay.portal.kernel.util.OrderByComparator;
028 import com.liferay.portal.kernel.util.Validator;
029 import com.liferay.portal.model.Organization;
030 import com.liferay.portal.model.PasswordPolicy;
031 import com.liferay.portal.model.PasswordPolicyRel;
032 import com.liferay.portal.model.ResourceConstants;
033 import com.liferay.portal.model.SystemEventConstants;
034 import com.liferay.portal.model.User;
035 import com.liferay.portal.service.ServiceContext;
036 import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
037 import com.liferay.portal.util.PropsValues;
038
039 import java.util.List;
040
041
044 public class PasswordPolicyLocalServiceImpl
045 extends PasswordPolicyLocalServiceBaseImpl {
046
047 @Override
048 public PasswordPolicy addPasswordPolicy(
049 long userId, boolean defaultPolicy, String name, String description,
050 boolean changeable, boolean changeRequired, long minAge,
051 boolean checkSyntax, boolean allowDictionaryWords,
052 int minAlphanumeric, int minLength, int minLowerCase,
053 int minNumbers, int minSymbols, int minUpperCase, String regex,
054 boolean history, int historyCount, boolean expireable, long maxAge,
055 long warningTime, int graceLimit, boolean lockout, int maxFailure,
056 long lockoutDuration, long resetFailureCount,
057 long resetTicketMaxAge, ServiceContext serviceContext)
058 throws PortalException {
059
060
061
062 User user = userPersistence.findByPrimaryKey(userId);
063
064 validate(0, user.getCompanyId(), name);
065
066 long passwordPolicyId = counterLocalService.increment();
067
068 PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
069 passwordPolicyId);
070
071 passwordPolicy.setUuid(serviceContext.getUuid());
072 passwordPolicy.setCompanyId(user.getCompanyId());
073 passwordPolicy.setUserId(userId);
074 passwordPolicy.setUserName(user.getFullName());
075 passwordPolicy.setDefaultPolicy(defaultPolicy);
076 passwordPolicy.setName(name);
077 passwordPolicy.setDescription(description);
078 passwordPolicy.setChangeable(changeable);
079 passwordPolicy.setChangeRequired(changeRequired);
080 passwordPolicy.setMinAge(minAge);
081 passwordPolicy.setCheckSyntax(checkSyntax);
082 passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
083 passwordPolicy.setMinAlphanumeric(minAlphanumeric);
084 passwordPolicy.setMinLength(minLength);
085 passwordPolicy.setMinLowerCase(minLowerCase);
086 passwordPolicy.setMinNumbers(minNumbers);
087 passwordPolicy.setMinSymbols(minSymbols);
088 passwordPolicy.setMinUpperCase(minUpperCase);
089 passwordPolicy.setRegex(regex);
090 passwordPolicy.setHistory(history);
091 passwordPolicy.setHistoryCount(historyCount);
092 passwordPolicy.setExpireable(expireable);
093 passwordPolicy.setMaxAge(maxAge);
094 passwordPolicy.setWarningTime(warningTime);
095 passwordPolicy.setGraceLimit(graceLimit);
096 passwordPolicy.setLockout(lockout);
097 passwordPolicy.setMaxFailure(maxFailure);
098 passwordPolicy.setLockoutDuration(lockoutDuration);
099 passwordPolicy.setRequireUnlock(lockoutDuration == 0);
100 passwordPolicy.setResetFailureCount(resetFailureCount);
101 passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
102 passwordPolicy.setExpandoBridgeAttributes(serviceContext);
103
104 passwordPolicyPersistence.update(passwordPolicy);
105
106
107
108 if (!user.isDefaultUser()) {
109 resourceLocalService.addResources(
110 user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
111 passwordPolicy.getPasswordPolicyId(), false, false, false);
112 }
113
114 return passwordPolicy;
115 }
116
117 @Override
118 public void checkDefaultPasswordPolicy(long companyId)
119 throws PortalException {
120
121 String defaultPasswordPolicyName =
122 PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
123
124 PasswordPolicy defaultPasswordPolicy =
125 passwordPolicyPersistence.fetchByC_N(
126 companyId, defaultPasswordPolicyName);
127
128 if (defaultPasswordPolicy == null) {
129 long defaultUserId = userLocalService.getDefaultUserId(companyId);
130
131 addPasswordPolicy(
132 defaultUserId, true, defaultPasswordPolicyName,
133 defaultPasswordPolicyName,
134 PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
135 PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
136 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
137 PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
138 PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
139 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
140 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
141 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
142 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
143 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
144 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
145 PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
146 PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
147 PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
148 PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
149 PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
150 PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
151 PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
152 PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
153 PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
154 PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
155 PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
156 PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE,
157 new ServiceContext());
158 }
159 }
160
161 @Override
162 public void deleteNondefaultPasswordPolicies(long companyId)
163 throws PortalException {
164
165 List<PasswordPolicy> passwordPolicies =
166 passwordPolicyPersistence.findByCompanyId(companyId);
167
168 for (PasswordPolicy passwordPolicy : passwordPolicies) {
169 if (!passwordPolicy.isDefaultPolicy()) {
170 passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
171 }
172 }
173 }
174
175 @Override
176 public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
177 throws PortalException {
178
179 PasswordPolicy passwordPolicy =
180 passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
181
182 return passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
183 }
184
185 @Override
186 @SystemEvent(
187 action = SystemEventConstants.ACTION_SKIP,
188 type = SystemEventConstants.TYPE_DELETE
189 )
190 public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
191 throws PortalException {
192
193 if (passwordPolicy.isDefaultPolicy() &&
194 !CompanyThreadLocal.isDeleteInProcess()) {
195
196 throw new RequiredPasswordPolicyException();
197 }
198
199
200
201 passwordPolicyRelLocalService.deletePasswordPolicyRels(
202 passwordPolicy.getPasswordPolicyId());
203
204
205
206 resourceLocalService.deleteResource(
207 passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
208 ResourceConstants.SCOPE_INDIVIDUAL,
209 passwordPolicy.getPasswordPolicyId());
210
211
212
213 return passwordPolicyPersistence.remove(passwordPolicy);
214 }
215
216 @Override
217 public PasswordPolicy fetchPasswordPolicy(long companyId, String name) {
218 return passwordPolicyPersistence.fetchByC_N(companyId, name);
219 }
220
221 @Override
222 public PasswordPolicy getDefaultPasswordPolicy(long companyId)
223 throws PortalException {
224
225 if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
226 return null;
227 }
228
229 return passwordPolicyPersistence.findByC_DP(companyId, true);
230 }
231
232 @Override
233 public PasswordPolicy getPasswordPolicy(
234 long companyId, long[] organizationIds)
235 throws PortalException {
236
237 if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
238 return null;
239 }
240
241 if (ArrayUtil.isEmpty(organizationIds)) {
242 return getDefaultPasswordPolicy(companyId);
243 }
244
245 long classNameId = classNameLocalService.getClassNameId(
246 Organization.class.getName());
247
248 PasswordPolicyRel passwordPolicyRel = null;
249
250 for (int i = 0; i < organizationIds.length; i++) {
251 long organizationId = organizationIds[i];
252
253 passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
254 classNameId, organizationId);
255
256 if (passwordPolicyRel != null) {
257 return passwordPolicyPersistence.findByPrimaryKey(
258 passwordPolicyRel.getPasswordPolicyId());
259 }
260 }
261
262 return getDefaultPasswordPolicy(companyId);
263 }
264
265 @Override
266 @ThreadLocalCachable
267 public PasswordPolicy getPasswordPolicyByUserId(long userId)
268 throws PortalException {
269
270 User user = userPersistence.findByPrimaryKey(userId);
271
272 if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
273 return null;
274 }
275
276 long classNameId = classNameLocalService.getClassNameId(
277 User.class.getName());
278
279 PasswordPolicyRel passwordPolicyRel =
280 passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
281
282 if (passwordPolicyRel != null) {
283 return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
284 }
285
286 long[] organizationIds = userPersistence.getOrganizationPrimaryKeys(
287 userId);
288
289 if (organizationIds.length == 0) {
290 return passwordPolicyPersistence.findByC_DP(
291 user.getCompanyId(), true);
292 }
293
294 return getPasswordPolicy(user.getCompanyId(), organizationIds);
295 }
296
297 @Override
298 public List<PasswordPolicy> search(
299 long companyId, String name, int start, int end,
300 OrderByComparator<PasswordPolicy> obc) {
301
302 return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
303 }
304
305 @Override
306 public int searchCount(long companyId, String name) {
307 return passwordPolicyFinder.countByC_N(companyId, name);
308 }
309
310 @Override
311 public PasswordPolicy updatePasswordPolicy(
312 long passwordPolicyId, String name, String description,
313 boolean changeable, boolean changeRequired, long minAge,
314 boolean checkSyntax, boolean allowDictionaryWords,
315 int minAlphanumeric, int minLength, int minLowerCase,
316 int minNumbers, int minSymbols, int minUpperCase, String regex,
317 boolean history, int historyCount, boolean expireable, long maxAge,
318 long warningTime, int graceLimit, boolean lockout, int maxFailure,
319 long lockoutDuration, long resetFailureCount,
320 long resetTicketMaxAge, ServiceContext serviceContext)
321 throws PortalException {
322
323 PasswordPolicy passwordPolicy =
324 passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
325
326 if (!passwordPolicy.getDefaultPolicy()) {
327 validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
328
329 passwordPolicy.setName(name);
330 }
331
332 passwordPolicy.setDescription(description);
333 passwordPolicy.setChangeable(changeable);
334 passwordPolicy.setChangeRequired(changeRequired);
335 passwordPolicy.setMinAge(minAge);
336 passwordPolicy.setCheckSyntax(checkSyntax);
337 passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
338 passwordPolicy.setMinAlphanumeric(minAlphanumeric);
339 passwordPolicy.setMinLength(minLength);
340 passwordPolicy.setMinLowerCase(minLowerCase);
341 passwordPolicy.setMinNumbers(minNumbers);
342 passwordPolicy.setMinSymbols(minSymbols);
343 passwordPolicy.setMinUpperCase(minUpperCase);
344 passwordPolicy.setRegex(regex);
345 passwordPolicy.setHistory(history);
346 passwordPolicy.setHistoryCount(historyCount);
347 passwordPolicy.setExpireable(expireable);
348 passwordPolicy.setMaxAge(maxAge);
349 passwordPolicy.setWarningTime(warningTime);
350 passwordPolicy.setGraceLimit(graceLimit);
351 passwordPolicy.setLockout(lockout);
352 passwordPolicy.setMaxFailure(maxFailure);
353 passwordPolicy.setLockoutDuration(lockoutDuration);
354 passwordPolicy.setRequireUnlock(lockoutDuration == 0);
355 passwordPolicy.setResetFailureCount(resetFailureCount);
356 passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
357 passwordPolicy.setExpandoBridgeAttributes(serviceContext);
358
359 passwordPolicyPersistence.update(passwordPolicy);
360
361 return passwordPolicy;
362 }
363
364 protected void validate(long passwordPolicyId, long companyId, String name)
365 throws PortalException {
366
367 if (Validator.isNull(name) || Validator.isNumber(name) ||
368 (name.indexOf(CharPool.COMMA) != -1) ||
369 (name.indexOf(CharPool.STAR) != -1)) {
370
371 throw new PasswordPolicyNameException();
372 }
373
374 PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
375 companyId, name);
376
377 if ((passwordPolicy != null) &&
378 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
379
380 throw new DuplicatePasswordPolicyException(
381 "{passwordPolicyId=" + passwordPolicyId + "}");
382 }
383 }
384
385 }