001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.kernel.cache.thread.local.ThreadLocalCachable;
018    import com.liferay.portal.kernel.exception.DuplicatePasswordPolicyException;
019    import com.liferay.portal.kernel.exception.PasswordPolicyNameException;
020    import com.liferay.portal.kernel.exception.PortalException;
021    import com.liferay.portal.kernel.exception.RequiredPasswordPolicyException;
022    import com.liferay.portal.kernel.model.Organization;
023    import com.liferay.portal.kernel.model.PasswordPolicy;
024    import com.liferay.portal.kernel.model.PasswordPolicyRel;
025    import com.liferay.portal.kernel.model.ResourceConstants;
026    import com.liferay.portal.kernel.model.SystemEventConstants;
027    import com.liferay.portal.kernel.model.User;
028    import com.liferay.portal.kernel.security.auth.CompanyThreadLocal;
029    import com.liferay.portal.kernel.security.ldap.LDAPSettingsUtil;
030    import com.liferay.portal.kernel.service.ServiceContext;
031    import com.liferay.portal.kernel.systemevent.SystemEvent;
032    import com.liferay.portal.kernel.util.ArrayUtil;
033    import com.liferay.portal.kernel.util.CharPool;
034    import com.liferay.portal.kernel.util.OrderByComparator;
035    import com.liferay.portal.kernel.util.Validator;
036    import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
037    import com.liferay.portal.util.PropsValues;
038    
039    import java.util.List;
040    
041    /**
042     * @author Scott Lee
043     */
044    public class PasswordPolicyLocalServiceImpl
045            extends PasswordPolicyLocalServiceBaseImpl {
046    
047            @Override
048            public PasswordPolicy addPasswordPolicy(
049                            long userId, boolean defaultPolicy, String name, String description,
050                            boolean changeable, boolean changeRequired, long minAge,
051                            boolean checkSyntax, boolean allowDictionaryWords,
052                            int minAlphanumeric, int minLength, int minLowerCase,
053                            int minNumbers, int minSymbols, int minUpperCase, String regex,
054                            boolean history, int historyCount, boolean expireable, long maxAge,
055                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
056                            long lockoutDuration, long resetFailureCount,
057                            long resetTicketMaxAge, ServiceContext serviceContext)
058                    throws PortalException {
059    
060                    // Password policy
061    
062                    User user = userPersistence.findByPrimaryKey(userId);
063    
064                    validate(0, user.getCompanyId(), name);
065    
066                    long passwordPolicyId = counterLocalService.increment();
067    
068                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
069                            passwordPolicyId);
070    
071                    passwordPolicy.setUuid(serviceContext.getUuid());
072                    passwordPolicy.setCompanyId(user.getCompanyId());
073                    passwordPolicy.setUserId(userId);
074                    passwordPolicy.setUserName(user.getFullName());
075                    passwordPolicy.setDefaultPolicy(defaultPolicy);
076                    passwordPolicy.setName(name);
077                    passwordPolicy.setDescription(description);
078                    passwordPolicy.setChangeable(changeable);
079                    passwordPolicy.setChangeRequired(changeRequired);
080                    passwordPolicy.setMinAge(minAge);
081                    passwordPolicy.setCheckSyntax(checkSyntax);
082                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
083                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
084                    passwordPolicy.setMinLength(minLength);
085                    passwordPolicy.setMinLowerCase(minLowerCase);
086                    passwordPolicy.setMinNumbers(minNumbers);
087                    passwordPolicy.setMinSymbols(minSymbols);
088                    passwordPolicy.setMinUpperCase(minUpperCase);
089                    passwordPolicy.setRegex(regex);
090                    passwordPolicy.setHistory(history);
091                    passwordPolicy.setHistoryCount(historyCount);
092                    passwordPolicy.setExpireable(expireable);
093                    passwordPolicy.setMaxAge(maxAge);
094                    passwordPolicy.setWarningTime(warningTime);
095                    passwordPolicy.setGraceLimit(graceLimit);
096                    passwordPolicy.setLockout(lockout);
097                    passwordPolicy.setMaxFailure(maxFailure);
098                    passwordPolicy.setLockoutDuration(lockoutDuration);
099                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
100                    passwordPolicy.setResetFailureCount(resetFailureCount);
101                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
102                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
103    
104                    passwordPolicyPersistence.update(passwordPolicy);
105    
106                    // Resources
107    
108                    long ownerId = userId;
109    
110                    if (user.isDefaultUser()) {
111                            ownerId = 0;
112                    }
113    
114                    resourceLocalService.addResources(
115                            user.getCompanyId(), 0, ownerId, PasswordPolicy.class.getName(),
116                            passwordPolicy.getPasswordPolicyId(), false, false, false);
117    
118                    return passwordPolicy;
119            }
120    
121            @Override
122            public void checkDefaultPasswordPolicy(long companyId)
123                    throws PortalException {
124    
125                    String defaultPasswordPolicyName =
126                            PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
127    
128                    PasswordPolicy defaultPasswordPolicy =
129                            passwordPolicyPersistence.fetchByC_N(
130                                    companyId, defaultPasswordPolicyName);
131    
132                    if (defaultPasswordPolicy == null) {
133                            long defaultUserId = userLocalService.getDefaultUserId(companyId);
134    
135                            addPasswordPolicy(
136                                    defaultUserId, true, defaultPasswordPolicyName,
137                                    defaultPasswordPolicyName,
138                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
139                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
140                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
141                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
142                                    PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
143                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
144                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
145                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
146                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
147                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
148                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
149                                    PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
150                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
151                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
152                                    PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
153                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
154                                    PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
155                                    PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
156                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
157                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
158                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
159                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
160                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE,
161                                    new ServiceContext());
162                    }
163            }
164    
165            @Override
166            public void deleteNondefaultPasswordPolicies(long companyId)
167                    throws PortalException {
168    
169                    List<PasswordPolicy> passwordPolicies =
170                            passwordPolicyPersistence.findByCompanyId(companyId);
171    
172                    for (PasswordPolicy passwordPolicy : passwordPolicies) {
173                            if (!passwordPolicy.isDefaultPolicy()) {
174                                    passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
175                            }
176                    }
177            }
178    
179            @Override
180            public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
181                    throws PortalException {
182    
183                    PasswordPolicy passwordPolicy =
184                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
185    
186                    return passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
187            }
188    
189            @Override
190            @SystemEvent(
191                    action = SystemEventConstants.ACTION_SKIP,
192                    type = SystemEventConstants.TYPE_DELETE
193            )
194            public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
195                    throws PortalException {
196    
197                    if (passwordPolicy.isDefaultPolicy() &&
198                            !CompanyThreadLocal.isDeleteInProcess()) {
199    
200                            throw new RequiredPasswordPolicyException();
201                    }
202    
203                    // Password policy relations
204    
205                    passwordPolicyRelLocalService.deletePasswordPolicyRels(
206                            passwordPolicy.getPasswordPolicyId());
207    
208                    // Resources
209    
210                    resourceLocalService.deleteResource(
211                            passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
212                            ResourceConstants.SCOPE_INDIVIDUAL,
213                            passwordPolicy.getPasswordPolicyId());
214    
215                    // Password policy
216    
217                    return passwordPolicyPersistence.remove(passwordPolicy);
218            }
219    
220            @Override
221            public PasswordPolicy fetchPasswordPolicy(long companyId, String name) {
222                    return passwordPolicyPersistence.fetchByC_N(companyId, name);
223            }
224    
225            @Override
226            public PasswordPolicy getDefaultPasswordPolicy(long companyId)
227                    throws PortalException {
228    
229                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
230                            return null;
231                    }
232    
233                    return passwordPolicyPersistence.findByC_DP(companyId, true);
234            }
235    
236            @Override
237            public PasswordPolicy getPasswordPolicy(
238                            long companyId, long[] organizationIds)
239                    throws PortalException {
240    
241                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
242                            return null;
243                    }
244    
245                    if (ArrayUtil.isEmpty(organizationIds)) {
246                            return getDefaultPasswordPolicy(companyId);
247                    }
248    
249                    long classNameId = classNameLocalService.getClassNameId(
250                            Organization.class.getName());
251    
252                    PasswordPolicyRel passwordPolicyRel = null;
253    
254                    for (int i = 0; i < organizationIds.length; i++) {
255                            long organizationId = organizationIds[i];
256    
257                            passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
258                                    classNameId, organizationId);
259    
260                            if (passwordPolicyRel != null) {
261                                    return passwordPolicyPersistence.findByPrimaryKey(
262                                            passwordPolicyRel.getPasswordPolicyId());
263                            }
264                    }
265    
266                    return getDefaultPasswordPolicy(companyId);
267            }
268    
269            @Override
270            @ThreadLocalCachable
271            public PasswordPolicy getPasswordPolicyByUserId(long userId)
272                    throws PortalException {
273    
274                    User user = userPersistence.findByPrimaryKey(userId);
275    
276                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
277                            return null;
278                    }
279    
280                    long classNameId = classNameLocalService.getClassNameId(
281                            User.class.getName());
282    
283                    PasswordPolicyRel passwordPolicyRel =
284                            passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
285    
286                    if (passwordPolicyRel != null) {
287                            return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
288                    }
289    
290                    long[] organizationIds = userPersistence.getOrganizationPrimaryKeys(
291                            userId);
292    
293                    if (organizationIds.length == 0) {
294                            return passwordPolicyPersistence.findByC_DP(
295                                    user.getCompanyId(), true);
296                    }
297    
298                    return getPasswordPolicy(user.getCompanyId(), organizationIds);
299            }
300    
301            @Override
302            public List<PasswordPolicy> search(
303                    long companyId, String name, int start, int end,
304                    OrderByComparator<PasswordPolicy> obc) {
305    
306                    return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
307            }
308    
309            @Override
310            public int searchCount(long companyId, String name) {
311                    return passwordPolicyFinder.countByC_N(companyId, name);
312            }
313    
314            @Override
315            public PasswordPolicy updatePasswordPolicy(
316                            long passwordPolicyId, String name, String description,
317                            boolean changeable, boolean changeRequired, long minAge,
318                            boolean checkSyntax, boolean allowDictionaryWords,
319                            int minAlphanumeric, int minLength, int minLowerCase,
320                            int minNumbers, int minSymbols, int minUpperCase, String regex,
321                            boolean history, int historyCount, boolean expireable, long maxAge,
322                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
323                            long lockoutDuration, long resetFailureCount,
324                            long resetTicketMaxAge, ServiceContext serviceContext)
325                    throws PortalException {
326    
327                    PasswordPolicy passwordPolicy =
328                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
329    
330                    if (!passwordPolicy.getDefaultPolicy()) {
331                            validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
332    
333                            passwordPolicy.setName(name);
334                    }
335    
336                    passwordPolicy.setDescription(description);
337                    passwordPolicy.setChangeable(changeable);
338                    passwordPolicy.setChangeRequired(changeRequired);
339                    passwordPolicy.setMinAge(minAge);
340                    passwordPolicy.setCheckSyntax(checkSyntax);
341                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
342                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
343                    passwordPolicy.setMinLength(minLength);
344                    passwordPolicy.setMinLowerCase(minLowerCase);
345                    passwordPolicy.setMinNumbers(minNumbers);
346                    passwordPolicy.setMinSymbols(minSymbols);
347                    passwordPolicy.setMinUpperCase(minUpperCase);
348                    passwordPolicy.setRegex(regex);
349                    passwordPolicy.setHistory(history);
350                    passwordPolicy.setHistoryCount(historyCount);
351                    passwordPolicy.setExpireable(expireable);
352                    passwordPolicy.setMaxAge(maxAge);
353                    passwordPolicy.setWarningTime(warningTime);
354                    passwordPolicy.setGraceLimit(graceLimit);
355                    passwordPolicy.setLockout(lockout);
356                    passwordPolicy.setMaxFailure(maxFailure);
357                    passwordPolicy.setLockoutDuration(lockoutDuration);
358                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
359                    passwordPolicy.setResetFailureCount(resetFailureCount);
360                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
361                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
362    
363                    passwordPolicyPersistence.update(passwordPolicy);
364    
365                    return passwordPolicy;
366            }
367    
368            protected void validate(long passwordPolicyId, long companyId, String name)
369                    throws PortalException {
370    
371                    if (Validator.isNull(name) || Validator.isNumber(name) ||
372                            (name.indexOf(CharPool.COMMA) != -1) ||
373                            (name.indexOf(CharPool.STAR) != -1)) {
374    
375                            throw new PasswordPolicyNameException();
376                    }
377    
378                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
379                            companyId, name);
380    
381                    if ((passwordPolicy != null) &&
382                            (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
383    
384                            throw new DuplicatePasswordPolicyException(
385                                    "{passwordPolicyId=" + passwordPolicyId + "}");
386                    }
387            }
388    
389    }