001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.kernel.cache.thread.local.ThreadLocalCachable;
018 import com.liferay.portal.kernel.exception.DuplicatePasswordPolicyException;
019 import com.liferay.portal.kernel.exception.PasswordPolicyNameException;
020 import com.liferay.portal.kernel.exception.PortalException;
021 import com.liferay.portal.kernel.exception.RequiredPasswordPolicyException;
022 import com.liferay.portal.kernel.model.Organization;
023 import com.liferay.portal.kernel.model.PasswordPolicy;
024 import com.liferay.portal.kernel.model.PasswordPolicyRel;
025 import com.liferay.portal.kernel.model.ResourceConstants;
026 import com.liferay.portal.kernel.model.SystemEventConstants;
027 import com.liferay.portal.kernel.model.User;
028 import com.liferay.portal.kernel.security.auth.CompanyThreadLocal;
029 import com.liferay.portal.kernel.security.ldap.LDAPSettingsUtil;
030 import com.liferay.portal.kernel.service.ServiceContext;
031 import com.liferay.portal.kernel.systemevent.SystemEvent;
032 import com.liferay.portal.kernel.util.ArrayUtil;
033 import com.liferay.portal.kernel.util.CharPool;
034 import com.liferay.portal.kernel.util.OrderByComparator;
035 import com.liferay.portal.kernel.util.Validator;
036 import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
037 import com.liferay.portal.util.PropsValues;
038
039 import java.util.List;
040
041
044 public class PasswordPolicyLocalServiceImpl
045 extends PasswordPolicyLocalServiceBaseImpl {
046
047 @Override
048 public PasswordPolicy addPasswordPolicy(
049 long userId, boolean defaultPolicy, String name, String description,
050 boolean changeable, boolean changeRequired, long minAge,
051 boolean checkSyntax, boolean allowDictionaryWords,
052 int minAlphanumeric, int minLength, int minLowerCase,
053 int minNumbers, int minSymbols, int minUpperCase, String regex,
054 boolean history, int historyCount, boolean expireable, long maxAge,
055 long warningTime, int graceLimit, boolean lockout, int maxFailure,
056 long lockoutDuration, long resetFailureCount,
057 long resetTicketMaxAge, ServiceContext serviceContext)
058 throws PortalException {
059
060
061
062 User user = userPersistence.findByPrimaryKey(userId);
063
064 validate(0, user.getCompanyId(), name);
065
066 long passwordPolicyId = counterLocalService.increment();
067
068 PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
069 passwordPolicyId);
070
071 passwordPolicy.setUuid(serviceContext.getUuid());
072 passwordPolicy.setCompanyId(user.getCompanyId());
073 passwordPolicy.setUserId(userId);
074 passwordPolicy.setUserName(user.getFullName());
075 passwordPolicy.setDefaultPolicy(defaultPolicy);
076 passwordPolicy.setName(name);
077 passwordPolicy.setDescription(description);
078 passwordPolicy.setChangeable(changeable);
079 passwordPolicy.setChangeRequired(changeRequired);
080 passwordPolicy.setMinAge(minAge);
081 passwordPolicy.setCheckSyntax(checkSyntax);
082 passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
083 passwordPolicy.setMinAlphanumeric(minAlphanumeric);
084 passwordPolicy.setMinLength(minLength);
085 passwordPolicy.setMinLowerCase(minLowerCase);
086 passwordPolicy.setMinNumbers(minNumbers);
087 passwordPolicy.setMinSymbols(minSymbols);
088 passwordPolicy.setMinUpperCase(minUpperCase);
089 passwordPolicy.setRegex(regex);
090 passwordPolicy.setHistory(history);
091 passwordPolicy.setHistoryCount(historyCount);
092 passwordPolicy.setExpireable(expireable);
093 passwordPolicy.setMaxAge(maxAge);
094 passwordPolicy.setWarningTime(warningTime);
095 passwordPolicy.setGraceLimit(graceLimit);
096 passwordPolicy.setLockout(lockout);
097 passwordPolicy.setMaxFailure(maxFailure);
098 passwordPolicy.setLockoutDuration(lockoutDuration);
099 passwordPolicy.setRequireUnlock(lockoutDuration == 0);
100 passwordPolicy.setResetFailureCount(resetFailureCount);
101 passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
102 passwordPolicy.setExpandoBridgeAttributes(serviceContext);
103
104 passwordPolicyPersistence.update(passwordPolicy);
105
106
107
108 long ownerId = userId;
109
110 if (user.isDefaultUser()) {
111 ownerId = 0;
112 }
113
114 resourceLocalService.addResources(
115 user.getCompanyId(), 0, ownerId, PasswordPolicy.class.getName(),
116 passwordPolicy.getPasswordPolicyId(), false, false, false);
117
118 return passwordPolicy;
119 }
120
121 @Override
122 public void checkDefaultPasswordPolicy(long companyId)
123 throws PortalException {
124
125 String defaultPasswordPolicyName =
126 PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
127
128 PasswordPolicy defaultPasswordPolicy =
129 passwordPolicyPersistence.fetchByC_N(
130 companyId, defaultPasswordPolicyName);
131
132 if (defaultPasswordPolicy == null) {
133 long defaultUserId = userLocalService.getDefaultUserId(companyId);
134
135 addPasswordPolicy(
136 defaultUserId, true, defaultPasswordPolicyName,
137 defaultPasswordPolicyName,
138 PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
139 PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
140 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
141 PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
142 PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
143 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
144 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
145 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
146 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
147 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
148 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
149 PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
150 PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
151 PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
152 PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
153 PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
154 PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
155 PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
156 PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
157 PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
158 PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
159 PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
160 PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE,
161 new ServiceContext());
162 }
163 }
164
165 @Override
166 public void deleteNondefaultPasswordPolicies(long companyId)
167 throws PortalException {
168
169 List<PasswordPolicy> passwordPolicies =
170 passwordPolicyPersistence.findByCompanyId(companyId);
171
172 for (PasswordPolicy passwordPolicy : passwordPolicies) {
173 if (!passwordPolicy.isDefaultPolicy()) {
174 passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
175 }
176 }
177 }
178
179 @Override
180 public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
181 throws PortalException {
182
183 PasswordPolicy passwordPolicy =
184 passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
185
186 return passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
187 }
188
189 @Override
190 @SystemEvent(
191 action = SystemEventConstants.ACTION_SKIP,
192 type = SystemEventConstants.TYPE_DELETE
193 )
194 public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
195 throws PortalException {
196
197 if (passwordPolicy.isDefaultPolicy() &&
198 !CompanyThreadLocal.isDeleteInProcess()) {
199
200 throw new RequiredPasswordPolicyException();
201 }
202
203
204
205 passwordPolicyRelLocalService.deletePasswordPolicyRels(
206 passwordPolicy.getPasswordPolicyId());
207
208
209
210 resourceLocalService.deleteResource(
211 passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
212 ResourceConstants.SCOPE_INDIVIDUAL,
213 passwordPolicy.getPasswordPolicyId());
214
215
216
217 return passwordPolicyPersistence.remove(passwordPolicy);
218 }
219
220 @Override
221 public PasswordPolicy fetchPasswordPolicy(long companyId, String name) {
222 return passwordPolicyPersistence.fetchByC_N(companyId, name);
223 }
224
225 @Override
226 public PasswordPolicy getDefaultPasswordPolicy(long companyId)
227 throws PortalException {
228
229 if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
230 return null;
231 }
232
233 return passwordPolicyPersistence.findByC_DP(companyId, true);
234 }
235
236 @Override
237 public PasswordPolicy getPasswordPolicy(
238 long companyId, long[] organizationIds)
239 throws PortalException {
240
241 if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
242 return null;
243 }
244
245 if (ArrayUtil.isEmpty(organizationIds)) {
246 return getDefaultPasswordPolicy(companyId);
247 }
248
249 long classNameId = classNameLocalService.getClassNameId(
250 Organization.class.getName());
251
252 PasswordPolicyRel passwordPolicyRel = null;
253
254 for (int i = 0; i < organizationIds.length; i++) {
255 long organizationId = organizationIds[i];
256
257 passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
258 classNameId, organizationId);
259
260 if (passwordPolicyRel != null) {
261 return passwordPolicyPersistence.findByPrimaryKey(
262 passwordPolicyRel.getPasswordPolicyId());
263 }
264 }
265
266 return getDefaultPasswordPolicy(companyId);
267 }
268
269 @Override
270 @ThreadLocalCachable
271 public PasswordPolicy getPasswordPolicyByUserId(long userId)
272 throws PortalException {
273
274 User user = userPersistence.findByPrimaryKey(userId);
275
276 if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
277 return null;
278 }
279
280 long classNameId = classNameLocalService.getClassNameId(
281 User.class.getName());
282
283 PasswordPolicyRel passwordPolicyRel =
284 passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
285
286 if (passwordPolicyRel != null) {
287 return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
288 }
289
290 long[] organizationIds = userPersistence.getOrganizationPrimaryKeys(
291 userId);
292
293 if (organizationIds.length == 0) {
294 return passwordPolicyPersistence.findByC_DP(
295 user.getCompanyId(), true);
296 }
297
298 return getPasswordPolicy(user.getCompanyId(), organizationIds);
299 }
300
301 @Override
302 public List<PasswordPolicy> search(
303 long companyId, String name, int start, int end,
304 OrderByComparator<PasswordPolicy> obc) {
305
306 return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
307 }
308
309 @Override
310 public int searchCount(long companyId, String name) {
311 return passwordPolicyFinder.countByC_N(companyId, name);
312 }
313
314 @Override
315 public PasswordPolicy updatePasswordPolicy(
316 long passwordPolicyId, String name, String description,
317 boolean changeable, boolean changeRequired, long minAge,
318 boolean checkSyntax, boolean allowDictionaryWords,
319 int minAlphanumeric, int minLength, int minLowerCase,
320 int minNumbers, int minSymbols, int minUpperCase, String regex,
321 boolean history, int historyCount, boolean expireable, long maxAge,
322 long warningTime, int graceLimit, boolean lockout, int maxFailure,
323 long lockoutDuration, long resetFailureCount,
324 long resetTicketMaxAge, ServiceContext serviceContext)
325 throws PortalException {
326
327 PasswordPolicy passwordPolicy =
328 passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
329
330 if (!passwordPolicy.getDefaultPolicy()) {
331 validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
332
333 passwordPolicy.setName(name);
334 }
335
336 passwordPolicy.setDescription(description);
337 passwordPolicy.setChangeable(changeable);
338 passwordPolicy.setChangeRequired(changeRequired);
339 passwordPolicy.setMinAge(minAge);
340 passwordPolicy.setCheckSyntax(checkSyntax);
341 passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
342 passwordPolicy.setMinAlphanumeric(minAlphanumeric);
343 passwordPolicy.setMinLength(minLength);
344 passwordPolicy.setMinLowerCase(minLowerCase);
345 passwordPolicy.setMinNumbers(minNumbers);
346 passwordPolicy.setMinSymbols(minSymbols);
347 passwordPolicy.setMinUpperCase(minUpperCase);
348 passwordPolicy.setRegex(regex);
349 passwordPolicy.setHistory(history);
350 passwordPolicy.setHistoryCount(historyCount);
351 passwordPolicy.setExpireable(expireable);
352 passwordPolicy.setMaxAge(maxAge);
353 passwordPolicy.setWarningTime(warningTime);
354 passwordPolicy.setGraceLimit(graceLimit);
355 passwordPolicy.setLockout(lockout);
356 passwordPolicy.setMaxFailure(maxFailure);
357 passwordPolicy.setLockoutDuration(lockoutDuration);
358 passwordPolicy.setRequireUnlock(lockoutDuration == 0);
359 passwordPolicy.setResetFailureCount(resetFailureCount);
360 passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
361 passwordPolicy.setExpandoBridgeAttributes(serviceContext);
362
363 passwordPolicyPersistence.update(passwordPolicy);
364
365 return passwordPolicy;
366 }
367
368 protected void validate(long passwordPolicyId, long companyId, String name)
369 throws PortalException {
370
371 if (Validator.isNull(name) || Validator.isNumber(name) ||
372 (name.indexOf(CharPool.COMMA) != -1) ||
373 (name.indexOf(CharPool.STAR) != -1)) {
374
375 throw new PasswordPolicyNameException();
376 }
377
378 PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
379 companyId, name);
380
381 if ((passwordPolicy != null) &&
382 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
383
384 throw new DuplicatePasswordPolicyException(
385 "{passwordPolicyId=" + passwordPolicyId + "}");
386 }
387 }
388
389 }