001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.kernel.cache.thread.local.ThreadLocalCachable;
018    import com.liferay.portal.kernel.exception.DuplicatePasswordPolicyException;
019    import com.liferay.portal.kernel.exception.PasswordPolicyNameException;
020    import com.liferay.portal.kernel.exception.PortalException;
021    import com.liferay.portal.kernel.exception.RequiredPasswordPolicyException;
022    import com.liferay.portal.kernel.model.Organization;
023    import com.liferay.portal.kernel.model.PasswordPolicy;
024    import com.liferay.portal.kernel.model.PasswordPolicyRel;
025    import com.liferay.portal.kernel.model.ResourceConstants;
026    import com.liferay.portal.kernel.model.SystemEventConstants;
027    import com.liferay.portal.kernel.model.User;
028    import com.liferay.portal.kernel.security.auth.CompanyThreadLocal;
029    import com.liferay.portal.kernel.security.ldap.LDAPSettingsUtil;
030    import com.liferay.portal.kernel.service.ServiceContext;
031    import com.liferay.portal.kernel.systemevent.SystemEvent;
032    import com.liferay.portal.kernel.util.ArrayUtil;
033    import com.liferay.portal.kernel.util.CharPool;
034    import com.liferay.portal.kernel.util.OrderByComparator;
035    import com.liferay.portal.kernel.util.Validator;
036    import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
037    import com.liferay.portal.util.PropsValues;
038    
039    import java.util.List;
040    
041    /**
042     * @author Scott Lee
043     */
044    public class PasswordPolicyLocalServiceImpl
045            extends PasswordPolicyLocalServiceBaseImpl {
046    
047            @Override
048            public PasswordPolicy addPasswordPolicy(
049                            long userId, boolean defaultPolicy, String name, String description,
050                            boolean changeable, boolean changeRequired, long minAge,
051                            boolean checkSyntax, boolean allowDictionaryWords,
052                            int minAlphanumeric, int minLength, int minLowerCase,
053                            int minNumbers, int minSymbols, int minUpperCase, String regex,
054                            boolean history, int historyCount, boolean expireable, long maxAge,
055                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
056                            long lockoutDuration, long resetFailureCount,
057                            long resetTicketMaxAge, ServiceContext serviceContext)
058                    throws PortalException {
059    
060                    // Password policy
061    
062                    User user = userPersistence.findByPrimaryKey(userId);
063    
064                    validate(0, user.getCompanyId(), name);
065    
066                    long passwordPolicyId = counterLocalService.increment();
067    
068                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
069                            passwordPolicyId);
070    
071                    passwordPolicy.setUuid(serviceContext.getUuid());
072                    passwordPolicy.setCompanyId(user.getCompanyId());
073                    passwordPolicy.setUserId(userId);
074                    passwordPolicy.setUserName(user.getFullName());
075                    passwordPolicy.setDefaultPolicy(defaultPolicy);
076                    passwordPolicy.setName(name);
077                    passwordPolicy.setDescription(description);
078                    passwordPolicy.setChangeable(changeable);
079                    passwordPolicy.setChangeRequired(changeRequired);
080                    passwordPolicy.setMinAge(minAge);
081                    passwordPolicy.setCheckSyntax(checkSyntax);
082                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
083                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
084                    passwordPolicy.setMinLength(minLength);
085                    passwordPolicy.setMinLowerCase(minLowerCase);
086                    passwordPolicy.setMinNumbers(minNumbers);
087                    passwordPolicy.setMinSymbols(minSymbols);
088                    passwordPolicy.setMinUpperCase(minUpperCase);
089                    passwordPolicy.setRegex(regex);
090                    passwordPolicy.setHistory(history);
091                    passwordPolicy.setHistoryCount(historyCount);
092                    passwordPolicy.setExpireable(expireable);
093                    passwordPolicy.setMaxAge(maxAge);
094                    passwordPolicy.setWarningTime(warningTime);
095                    passwordPolicy.setGraceLimit(graceLimit);
096                    passwordPolicy.setLockout(lockout);
097                    passwordPolicy.setMaxFailure(maxFailure);
098                    passwordPolicy.setLockoutDuration(lockoutDuration);
099                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
100                    passwordPolicy.setResetFailureCount(resetFailureCount);
101                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
102                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
103    
104                    passwordPolicyPersistence.update(passwordPolicy);
105    
106                    // Resources
107    
108                    if (!user.isDefaultUser()) {
109                            resourceLocalService.addResources(
110                                    user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
111                                    passwordPolicy.getPasswordPolicyId(), false, false, false);
112                    }
113    
114                    return passwordPolicy;
115            }
116    
117            @Override
118            public void checkDefaultPasswordPolicy(long companyId)
119                    throws PortalException {
120    
121                    String defaultPasswordPolicyName =
122                            PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
123    
124                    PasswordPolicy defaultPasswordPolicy =
125                            passwordPolicyPersistence.fetchByC_N(
126                                    companyId, defaultPasswordPolicyName);
127    
128                    if (defaultPasswordPolicy == null) {
129                            long defaultUserId = userLocalService.getDefaultUserId(companyId);
130    
131                            addPasswordPolicy(
132                                    defaultUserId, true, defaultPasswordPolicyName,
133                                    defaultPasswordPolicyName,
134                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
135                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
136                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
137                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
138                                    PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
139                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
140                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
141                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
142                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
143                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
144                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
145                                    PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
146                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
147                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
148                                    PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
149                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
150                                    PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
151                                    PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
152                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
153                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
154                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
155                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
156                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE,
157                                    new ServiceContext());
158                    }
159            }
160    
161            @Override
162            public void deleteNondefaultPasswordPolicies(long companyId)
163                    throws PortalException {
164    
165                    List<PasswordPolicy> passwordPolicies =
166                            passwordPolicyPersistence.findByCompanyId(companyId);
167    
168                    for (PasswordPolicy passwordPolicy : passwordPolicies) {
169                            if (!passwordPolicy.isDefaultPolicy()) {
170                                    passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
171                            }
172                    }
173            }
174    
175            @Override
176            public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
177                    throws PortalException {
178    
179                    PasswordPolicy passwordPolicy =
180                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
181    
182                    return passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
183            }
184    
185            @Override
186            @SystemEvent(
187                    action = SystemEventConstants.ACTION_SKIP,
188                    type = SystemEventConstants.TYPE_DELETE
189            )
190            public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
191                    throws PortalException {
192    
193                    if (passwordPolicy.isDefaultPolicy() &&
194                            !CompanyThreadLocal.isDeleteInProcess()) {
195    
196                            throw new RequiredPasswordPolicyException();
197                    }
198    
199                    // Password policy relations
200    
201                    passwordPolicyRelLocalService.deletePasswordPolicyRels(
202                            passwordPolicy.getPasswordPolicyId());
203    
204                    // Resources
205    
206                    resourceLocalService.deleteResource(
207                            passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
208                            ResourceConstants.SCOPE_INDIVIDUAL,
209                            passwordPolicy.getPasswordPolicyId());
210    
211                    // Password policy
212    
213                    return passwordPolicyPersistence.remove(passwordPolicy);
214            }
215    
216            @Override
217            public PasswordPolicy fetchPasswordPolicy(long companyId, String name) {
218                    return passwordPolicyPersistence.fetchByC_N(companyId, name);
219            }
220    
221            @Override
222            public PasswordPolicy getDefaultPasswordPolicy(long companyId)
223                    throws PortalException {
224    
225                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
226                            return null;
227                    }
228    
229                    return passwordPolicyPersistence.findByC_DP(companyId, true);
230            }
231    
232            @Override
233            public PasswordPolicy getPasswordPolicy(
234                            long companyId, long[] organizationIds)
235                    throws PortalException {
236    
237                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
238                            return null;
239                    }
240    
241                    if (ArrayUtil.isEmpty(organizationIds)) {
242                            return getDefaultPasswordPolicy(companyId);
243                    }
244    
245                    long classNameId = classNameLocalService.getClassNameId(
246                            Organization.class.getName());
247    
248                    PasswordPolicyRel passwordPolicyRel = null;
249    
250                    for (int i = 0; i < organizationIds.length; i++) {
251                            long organizationId = organizationIds[i];
252    
253                            passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
254                                    classNameId, organizationId);
255    
256                            if (passwordPolicyRel != null) {
257                                    return passwordPolicyPersistence.findByPrimaryKey(
258                                            passwordPolicyRel.getPasswordPolicyId());
259                            }
260                    }
261    
262                    return getDefaultPasswordPolicy(companyId);
263            }
264    
265            @Override
266            @ThreadLocalCachable
267            public PasswordPolicy getPasswordPolicyByUserId(long userId)
268                    throws PortalException {
269    
270                    User user = userPersistence.findByPrimaryKey(userId);
271    
272                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
273                            return null;
274                    }
275    
276                    long classNameId = classNameLocalService.getClassNameId(
277                            User.class.getName());
278    
279                    PasswordPolicyRel passwordPolicyRel =
280                            passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
281    
282                    if (passwordPolicyRel != null) {
283                            return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
284                    }
285    
286                    long[] organizationIds = userPersistence.getOrganizationPrimaryKeys(
287                            userId);
288    
289                    if (organizationIds.length == 0) {
290                            return passwordPolicyPersistence.findByC_DP(
291                                    user.getCompanyId(), true);
292                    }
293    
294                    return getPasswordPolicy(user.getCompanyId(), organizationIds);
295            }
296    
297            @Override
298            public List<PasswordPolicy> search(
299                    long companyId, String name, int start, int end,
300                    OrderByComparator<PasswordPolicy> obc) {
301    
302                    return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
303            }
304    
305            @Override
306            public int searchCount(long companyId, String name) {
307                    return passwordPolicyFinder.countByC_N(companyId, name);
308            }
309    
310            @Override
311            public PasswordPolicy updatePasswordPolicy(
312                            long passwordPolicyId, String name, String description,
313                            boolean changeable, boolean changeRequired, long minAge,
314                            boolean checkSyntax, boolean allowDictionaryWords,
315                            int minAlphanumeric, int minLength, int minLowerCase,
316                            int minNumbers, int minSymbols, int minUpperCase, String regex,
317                            boolean history, int historyCount, boolean expireable, long maxAge,
318                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
319                            long lockoutDuration, long resetFailureCount,
320                            long resetTicketMaxAge, ServiceContext serviceContext)
321                    throws PortalException {
322    
323                    PasswordPolicy passwordPolicy =
324                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
325    
326                    if (!passwordPolicy.getDefaultPolicy()) {
327                            validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
328    
329                            passwordPolicy.setName(name);
330                    }
331    
332                    passwordPolicy.setDescription(description);
333                    passwordPolicy.setChangeable(changeable);
334                    passwordPolicy.setChangeRequired(changeRequired);
335                    passwordPolicy.setMinAge(minAge);
336                    passwordPolicy.setCheckSyntax(checkSyntax);
337                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
338                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
339                    passwordPolicy.setMinLength(minLength);
340                    passwordPolicy.setMinLowerCase(minLowerCase);
341                    passwordPolicy.setMinNumbers(minNumbers);
342                    passwordPolicy.setMinSymbols(minSymbols);
343                    passwordPolicy.setMinUpperCase(minUpperCase);
344                    passwordPolicy.setRegex(regex);
345                    passwordPolicy.setHistory(history);
346                    passwordPolicy.setHistoryCount(historyCount);
347                    passwordPolicy.setExpireable(expireable);
348                    passwordPolicy.setMaxAge(maxAge);
349                    passwordPolicy.setWarningTime(warningTime);
350                    passwordPolicy.setGraceLimit(graceLimit);
351                    passwordPolicy.setLockout(lockout);
352                    passwordPolicy.setMaxFailure(maxFailure);
353                    passwordPolicy.setLockoutDuration(lockoutDuration);
354                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
355                    passwordPolicy.setResetFailureCount(resetFailureCount);
356                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
357                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
358    
359                    passwordPolicyPersistence.update(passwordPolicy);
360    
361                    return passwordPolicy;
362            }
363    
364            protected void validate(long passwordPolicyId, long companyId, String name)
365                    throws PortalException {
366    
367                    if (Validator.isNull(name) || Validator.isNumber(name) ||
368                            (name.indexOf(CharPool.COMMA) != -1) ||
369                            (name.indexOf(CharPool.STAR) != -1)) {
370    
371                            throw new PasswordPolicyNameException();
372                    }
373    
374                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
375                            companyId, name);
376    
377                    if ((passwordPolicy != null) &&
378                            (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
379    
380                            throw new DuplicatePasswordPolicyException(
381                                    "{passwordPolicyId=" + passwordPolicyId + "}");
382                    }
383            }
384    
385    }