001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.DuplicatePasswordPolicyException;
018    import com.liferay.portal.PasswordPolicyNameException;
019    import com.liferay.portal.RequiredPasswordPolicyException;
020    import com.liferay.portal.kernel.cache.ThreadLocalCachable;
021    import com.liferay.portal.kernel.exception.PortalException;
022    import com.liferay.portal.kernel.systemevent.SystemEvent;
023    import com.liferay.portal.kernel.util.ArrayUtil;
024    import com.liferay.portal.kernel.util.CharPool;
025    import com.liferay.portal.kernel.util.OrderByComparator;
026    import com.liferay.portal.kernel.util.Validator;
027    import com.liferay.portal.model.Organization;
028    import com.liferay.portal.model.PasswordPolicy;
029    import com.liferay.portal.model.PasswordPolicyRel;
030    import com.liferay.portal.model.ResourceConstants;
031    import com.liferay.portal.model.SystemEventConstants;
032    import com.liferay.portal.model.User;
033    import com.liferay.portal.security.auth.CompanyThreadLocal;
034    import com.liferay.portal.security.ldap.LDAPSettingsUtil;
035    import com.liferay.portal.service.ServiceContext;
036    import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
037    import com.liferay.portal.util.PropsValues;
038    
039    import java.util.Date;
040    import java.util.List;
041    
042    /**
043     * @author Scott Lee
044     */
045    public class PasswordPolicyLocalServiceImpl
046            extends PasswordPolicyLocalServiceBaseImpl {
047    
048            /**
049             * @deprecated As of 6.2.0, replaced by {@link #addPasswordPolicy(long,
050             *             boolean, String, String, boolean, boolean, long, boolean,
051             *             boolean, int, int, int, int, int, int, String, boolean, int,
052             *             boolean, long, long, int, boolean, int, long, long, long,
053             *             ServiceContext)}
054             */
055            @Deprecated
056            @Override
057            public PasswordPolicy addPasswordPolicy(
058                            long userId, boolean defaultPolicy, String name, String description,
059                            boolean changeable, boolean changeRequired, long minAge,
060                            boolean checkSyntax, boolean allowDictionaryWords,
061                            int minAlphanumeric, int minLength, int minLowerCase,
062                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
063                            int historyCount, boolean expireable, long maxAge, long warningTime,
064                            int graceLimit, boolean lockout, int maxFailure,
065                            long lockoutDuration, long resetFailureCount,
066                            long resetTicketMaxAge)
067                    throws PortalException {
068    
069                    return addPasswordPolicy(
070                            userId, defaultPolicy, name, description, changeable,
071                            changeRequired, minAge, checkSyntax, allowDictionaryWords,
072                            minAlphanumeric, minLength, minLowerCase, minNumbers, minSymbols,
073                            minUpperCase, null, history, historyCount, expireable, maxAge,
074                            warningTime, graceLimit, lockout, maxFailure, lockoutDuration,
075                            resetFailureCount, resetTicketMaxAge, new ServiceContext());
076            }
077    
078            @Override
079            public PasswordPolicy addPasswordPolicy(
080                            long userId, boolean defaultPolicy, String name, String description,
081                            boolean changeable, boolean changeRequired, long minAge,
082                            boolean checkSyntax, boolean allowDictionaryWords,
083                            int minAlphanumeric, int minLength, int minLowerCase,
084                            int minNumbers, int minSymbols, int minUpperCase, String regex,
085                            boolean history, int historyCount, boolean expireable, long maxAge,
086                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
087                            long lockoutDuration, long resetFailureCount,
088                            long resetTicketMaxAge, ServiceContext serviceContext)
089                    throws PortalException {
090    
091                    // Password policy
092    
093                    User user = userPersistence.findByPrimaryKey(userId);
094                    Date now = new Date();
095    
096                    validate(0, user.getCompanyId(), name);
097    
098                    long passwordPolicyId = counterLocalService.increment();
099    
100                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
101                            passwordPolicyId);
102    
103                    passwordPolicy.setUuid(serviceContext.getUuid());
104                    passwordPolicy.setCompanyId(user.getCompanyId());
105                    passwordPolicy.setUserId(userId);
106                    passwordPolicy.setUserName(user.getFullName());
107                    passwordPolicy.setCreateDate(serviceContext.getCreateDate(now));
108                    passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
109                    passwordPolicy.setDefaultPolicy(defaultPolicy);
110                    passwordPolicy.setName(name);
111                    passwordPolicy.setDescription(description);
112                    passwordPolicy.setChangeable(changeable);
113                    passwordPolicy.setChangeRequired(changeRequired);
114                    passwordPolicy.setMinAge(minAge);
115                    passwordPolicy.setCheckSyntax(checkSyntax);
116                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
117                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
118                    passwordPolicy.setMinLength(minLength);
119                    passwordPolicy.setMinLowerCase(minLowerCase);
120                    passwordPolicy.setMinNumbers(minNumbers);
121                    passwordPolicy.setMinSymbols(minSymbols);
122                    passwordPolicy.setMinUpperCase(minUpperCase);
123                    passwordPolicy.setRegex(regex);
124                    passwordPolicy.setHistory(history);
125                    passwordPolicy.setHistoryCount(historyCount);
126                    passwordPolicy.setExpireable(expireable);
127                    passwordPolicy.setMaxAge(maxAge);
128                    passwordPolicy.setWarningTime(warningTime);
129                    passwordPolicy.setGraceLimit(graceLimit);
130                    passwordPolicy.setLockout(lockout);
131                    passwordPolicy.setMaxFailure(maxFailure);
132                    passwordPolicy.setLockoutDuration(lockoutDuration);
133                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
134                    passwordPolicy.setResetFailureCount(resetFailureCount);
135                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
136                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
137    
138                    passwordPolicyPersistence.update(passwordPolicy);
139    
140                    // Resources
141    
142                    if (!user.isDefaultUser()) {
143                            resourceLocalService.addResources(
144                                    user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
145                                    passwordPolicy.getPasswordPolicyId(), false, false, false);
146                    }
147    
148                    return passwordPolicy;
149            }
150    
151            @Override
152            public void checkDefaultPasswordPolicy(long companyId)
153                    throws PortalException {
154    
155                    String defaultPasswordPolicyName =
156                            PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
157    
158                    PasswordPolicy defaultPasswordPolicy =
159                            passwordPolicyPersistence.fetchByC_N(
160                                    companyId, defaultPasswordPolicyName);
161    
162                    if (defaultPasswordPolicy == null) {
163                            long defaultUserId = userLocalService.getDefaultUserId(companyId);
164    
165                            addPasswordPolicy(
166                                    defaultUserId, true, defaultPasswordPolicyName,
167                                    defaultPasswordPolicyName,
168                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
169                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
170                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
171                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
172                                    PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
173                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
174                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
175                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
176                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
177                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
178                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
179                                    PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
180                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
181                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
182                                    PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
183                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
184                                    PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
185                                    PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
186                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
187                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
188                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
189                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
190                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE,
191                                    new ServiceContext());
192                    }
193            }
194    
195            @Override
196            public void deleteNondefaultPasswordPolicies(long companyId)
197                    throws PortalException {
198    
199                    List<PasswordPolicy> passwordPolicies =
200                            passwordPolicyPersistence.findByCompanyId(companyId);
201    
202                    for (PasswordPolicy passwordPolicy : passwordPolicies) {
203                            if (!passwordPolicy.isDefaultPolicy()) {
204                                    passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
205                            }
206                    }
207            }
208    
209            @Override
210            public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
211                    throws PortalException {
212    
213                    PasswordPolicy passwordPolicy =
214                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
215    
216                    return passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
217            }
218    
219            @Override
220            @SystemEvent(
221                    action = SystemEventConstants.ACTION_SKIP,
222                    type = SystemEventConstants.TYPE_DELETE)
223            public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
224                    throws PortalException {
225    
226                    if (passwordPolicy.isDefaultPolicy() &&
227                            !CompanyThreadLocal.isDeleteInProcess()) {
228    
229                            throw new RequiredPasswordPolicyException();
230                    }
231    
232                    // Password policy relations
233    
234                    passwordPolicyRelLocalService.deletePasswordPolicyRels(
235                            passwordPolicy.getPasswordPolicyId());
236    
237                    // Resources
238    
239                    resourceLocalService.deleteResource(
240                            passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
241                            ResourceConstants.SCOPE_INDIVIDUAL,
242                            passwordPolicy.getPasswordPolicyId());
243    
244                    // Password policy
245    
246                    return passwordPolicyPersistence.remove(passwordPolicy);
247            }
248    
249            @Override
250            public PasswordPolicy fetchPasswordPolicy(long companyId, String name) {
251                    return passwordPolicyPersistence.fetchByC_N(companyId, name);
252            }
253    
254            @Override
255            public PasswordPolicy getDefaultPasswordPolicy(long companyId)
256                    throws PortalException {
257    
258                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
259                            return null;
260                    }
261    
262                    return passwordPolicyPersistence.findByC_DP(companyId, true);
263            }
264    
265            /**
266             * @deprecated As of 6.1.0
267             */
268            @Deprecated
269            @Override
270            public PasswordPolicy getPasswordPolicy(
271                            long companyId, long organizationId, long locationId)
272                    throws PortalException {
273    
274                    return getPasswordPolicy(
275                            companyId, new long[] {organizationId, locationId});
276            }
277    
278            @Override
279            public PasswordPolicy getPasswordPolicy(
280                            long companyId, long[] organizationIds)
281                    throws PortalException {
282    
283                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
284                            return null;
285                    }
286    
287                    if (ArrayUtil.isEmpty(organizationIds)) {
288                            return getDefaultPasswordPolicy(companyId);
289                    }
290    
291                    long classNameId = classNameLocalService.getClassNameId(
292                            Organization.class.getName());
293    
294                    PasswordPolicyRel passwordPolicyRel = null;
295    
296                    for (int i = 0; i < organizationIds.length; i++) {
297                            long organizationId = organizationIds[i];
298    
299                            passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
300                                    classNameId, organizationId);
301    
302                            if (passwordPolicyRel != null) {
303                                    return passwordPolicyPersistence.findByPrimaryKey(
304                                            passwordPolicyRel.getPasswordPolicyId());
305                            }
306                    }
307    
308                    return getDefaultPasswordPolicy(companyId);
309            }
310    
311            @Override
312            @ThreadLocalCachable
313            public PasswordPolicy getPasswordPolicyByUserId(long userId)
314                    throws PortalException {
315    
316                    User user = userPersistence.findByPrimaryKey(userId);
317    
318                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
319                            return null;
320                    }
321    
322                    long classNameId = classNameLocalService.getClassNameId(
323                            User.class.getName());
324    
325                    PasswordPolicyRel passwordPolicyRel =
326                            passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
327    
328                    if (passwordPolicyRel != null) {
329                            return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
330                    }
331    
332                    long[] organizationIds = userPersistence.getOrganizationPrimaryKeys(
333                            userId);
334    
335                    if (organizationIds.length == 0) {
336                            return passwordPolicyPersistence.findByC_DP(
337                                    user.getCompanyId(), true);
338                    }
339    
340                    return getPasswordPolicy(user.getCompanyId(), organizationIds);
341            }
342    
343            @Override
344            public List<PasswordPolicy> search(
345                    long companyId, String name, int start, int end,
346                    OrderByComparator<PasswordPolicy> obc) {
347    
348                    return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
349            }
350    
351            @Override
352            public int searchCount(long companyId, String name) {
353                    return passwordPolicyFinder.countByC_N(companyId, name);
354            }
355    
356            /**
357             * @deprecated As of 6.2.0, replaced by {@link #updatePasswordPolicy(long,
358             *             String, String, boolean, boolean, long, boolean, boolean,
359             *             int, int, int, int, int, int, String, boolean, int, boolean,
360             *             long, long, int, boolean, int, long, long, long,
361             *             ServiceContext)}
362             */
363            @Deprecated
364            @Override
365            public PasswordPolicy updatePasswordPolicy(
366                            long passwordPolicyId, String name, String description,
367                            boolean changeable, boolean changeRequired, long minAge,
368                            boolean checkSyntax, boolean allowDictionaryWords,
369                            int minAlphanumeric, int minLength, int minLowerCase,
370                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
371                            int historyCount, boolean expireable, long maxAge, long warningTime,
372                            int graceLimit, boolean lockout, int maxFailure,
373                            long lockoutDuration, long resetFailureCount,
374                            long resetTicketMaxAge)
375                    throws PortalException {
376    
377                    return updatePasswordPolicy(
378                            passwordPolicyId, name, description, changeable, changeRequired,
379                            minAge, checkSyntax, allowDictionaryWords, minAlphanumeric,
380                            minLength, minLowerCase, minNumbers, minSymbols, minUpperCase, null,
381                            history, historyCount, expireable, maxAge, warningTime, graceLimit,
382                            lockout, maxFailure, lockoutDuration, resetFailureCount,
383                            resetTicketMaxAge, new ServiceContext());
384            }
385    
386            @Override
387            public PasswordPolicy updatePasswordPolicy(
388                            long passwordPolicyId, String name, String description,
389                            boolean changeable, boolean changeRequired, long minAge,
390                            boolean checkSyntax, boolean allowDictionaryWords,
391                            int minAlphanumeric, int minLength, int minLowerCase,
392                            int minNumbers, int minSymbols, int minUpperCase, String regex,
393                            boolean history, int historyCount, boolean expireable, long maxAge,
394                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
395                            long lockoutDuration, long resetFailureCount,
396                            long resetTicketMaxAge, ServiceContext serviceContext)
397                    throws PortalException {
398    
399                    Date now = new Date();
400    
401                    PasswordPolicy passwordPolicy =
402                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
403    
404                    if (!passwordPolicy.getDefaultPolicy()) {
405                            validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
406    
407                            passwordPolicy.setName(name);
408                    }
409    
410                    passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
411                    passwordPolicy.setDescription(description);
412                    passwordPolicy.setChangeable(changeable);
413                    passwordPolicy.setChangeRequired(changeRequired);
414                    passwordPolicy.setMinAge(minAge);
415                    passwordPolicy.setCheckSyntax(checkSyntax);
416                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
417                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
418                    passwordPolicy.setMinLength(minLength);
419                    passwordPolicy.setMinLowerCase(minLowerCase);
420                    passwordPolicy.setMinNumbers(minNumbers);
421                    passwordPolicy.setMinSymbols(minSymbols);
422                    passwordPolicy.setMinUpperCase(minUpperCase);
423                    passwordPolicy.setRegex(regex);
424                    passwordPolicy.setHistory(history);
425                    passwordPolicy.setHistoryCount(historyCount);
426                    passwordPolicy.setExpireable(expireable);
427                    passwordPolicy.setMaxAge(maxAge);
428                    passwordPolicy.setWarningTime(warningTime);
429                    passwordPolicy.setGraceLimit(graceLimit);
430                    passwordPolicy.setLockout(lockout);
431                    passwordPolicy.setMaxFailure(maxFailure);
432                    passwordPolicy.setLockoutDuration(lockoutDuration);
433                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
434                    passwordPolicy.setResetFailureCount(resetFailureCount);
435                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
436                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
437    
438                    passwordPolicyPersistence.update(passwordPolicy);
439    
440                    return passwordPolicy;
441            }
442    
443            protected void validate(long passwordPolicyId, long companyId, String name)
444                    throws PortalException {
445    
446                    if (Validator.isNull(name) || Validator.isNumber(name) ||
447                            (name.indexOf(CharPool.COMMA) != -1) ||
448                            (name.indexOf(CharPool.STAR) != -1)) {
449    
450                            throw new PasswordPolicyNameException();
451                    }
452    
453                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
454                            companyId, name);
455    
456                    if ((passwordPolicy != null) &&
457                            (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
458    
459                            throw new DuplicatePasswordPolicyException(
460                                    "{passwordPolicyId=" + passwordPolicyId + "}");
461                    }
462            }
463    
464    }