1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portlet.enterpriseadmin.action;
24  
25  import com.liferay.portal.kernel.servlet.SessionErrors;
26  import com.liferay.portal.kernel.util.Constants;
27  import com.liferay.portal.kernel.util.ParamUtil;
28  import com.liferay.portal.kernel.util.Validator;
29  import com.liferay.portal.model.Company;
30  import com.liferay.portal.model.RoleConstants;
31  import com.liferay.portal.security.auth.PrincipalException;
32  import com.liferay.portal.security.ldap.PortalLDAPUtil;
33  import com.liferay.portal.service.CompanyServiceUtil;
34  import com.liferay.portal.service.RoleLocalServiceUtil;
35  import com.liferay.portal.servlet.filters.sso.cas.CASFilter;
36  import com.liferay.portal.struts.PortletAction;
37  import com.liferay.portal.util.PortalUtil;
38  import com.liferay.portal.util.PrefsPropsUtil;
39  import com.liferay.portal.util.PropsKeys;
40  import com.liferay.util.ldap.LDAPUtil;
41  
42  import javax.portlet.ActionRequest;
43  import javax.portlet.ActionResponse;
44  import javax.portlet.PortletConfig;
45  import javax.portlet.PortletPreferences;
46  
47  import org.apache.struts.action.ActionForm;
48  import org.apache.struts.action.ActionMapping;
49  
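/**
 * <a href="EditSettingsAction.java.html"><b><i>View Source</i></b></a>
 *
 * <p>
 * Portlet action that applies company-level settings submitted from the
 * enterprise admin portlet: CAS, LDAP, NTLM, OpenID, OpenSSO and SiteMinder
 * authentication, default groups and roles, notification emails, mail host
 * names, reserved users and the general security options. Every handler is
 * reached only after {@link #processAction} has confirmed that the caller
 * holds the Administrator role.
 * </p>
 *
 * @author Brian Wing Shun Chan
 * @author Scott Lee
 *
 */
public class EditSettingsAction extends PortletAction {

    /**
     * Authorizes the caller, dispatches on the {@code Constants.CMD} request
     * parameter to the matching <code>update*</code> handler, then either
     * stores the preferences and redirects, or forwards back to the view when
     * a handler recorded a session error.
     *
     * @param  mapping the Struts action mapping (not used here)
     * @param  form the Struts action form (not used here)
     * @param  portletConfig the portlet configuration (not used here)
     * @param  actionRequest the request carrying the command and its values
     * @param  actionResponse the response used for the final redirect
     * @throws Exception if a lookup, handler or preference store fails
     */
    public void processAction(
            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
            ActionRequest actionRequest, ActionResponse actionResponse)
        throws Exception {

        long companyId = PortalUtil.getCompanyId(actionRequest);
        long userId = PortalUtil.getUserId(actionRequest);

        // Authorization gate: every branch below rewrites authentication or
        // account settings for the whole company, so nothing may run before
        // this check has passed.
        // NOTE(review): the trailing "true" is presumably the "inherited"
        // flag of hasUserRole -- confirm against RoleLocalServiceUtil.
        // NOTE(review): no per-request anti-forgery token is verified in this
        // method; confirm the framework enforces one before this action runs.

        if (!RoleLocalServiceUtil.hasUserRole(
                userId, companyId, RoleConstants.ADMINISTRATOR, true)) {

            SessionErrors.add(
                actionRequest, PrincipalException.class.getName());

            setForward(actionRequest, "portlet.enterprise_admin.error");

            return;
        }

        PortletPreferences prefs = PrefsPropsUtil.getPreferences(companyId);

        String cmd = ParamUtil.getString(actionRequest, Constants.CMD);

        // An unrecognized command matches no branch and changes nothing.

        if (cmd.equals("updateCAS")) {
            updateCAS(actionRequest, companyId, prefs);
        }
        else if (cmd.equals("updateDefaultGroupsAndRoles")) {
            updateDefaultGroupsAndRoles(actionRequest, prefs);
        }
        else if (cmd.equals("updateEmails")) {
            updateEmails(actionRequest, prefs);
        }
        else if (cmd.equals("updateLdap")) {
            updateLdap(actionRequest, companyId, prefs);
        }
        else if (cmd.equals("updateMailHostNames")) {
            updateMailHostNames(actionRequest, prefs);
        }
        else if (cmd.equals("updateNtlm")) {
            updateNtlm(actionRequest, companyId, prefs);
        }
        else if (cmd.equals("updateOpenId")) {
            updateOpenId(actionRequest, prefs);
        }
        else if (cmd.equals("updateOpenSSO")) {
            updateOpenSSO(actionRequest, companyId, prefs);
        }
        else if (cmd.equals("updateReservedUsers")) {
            updateReservedUsers(actionRequest, prefs);
        }
        else if (cmd.equals("updateSecurity")) {
            updateSecurity(actionRequest);
        }
        else if (cmd.equals("updateSiteMinder")) {
            updateSiteMinder(actionRequest, companyId, prefs);
        }

        if (SessionErrors.isEmpty(actionRequest)) {

            // updateLdap stores the preferences itself and updateSecurity
            // never touches them, so neither needs the store below. The CAS,
            // NTLM, OpenID, OpenSSO and SiteMinder handlers also store on
            // their own; the second store here is kept because the handlers
            // are protected and a subclass override may rely on it.

            if (!cmd.equals("updateLdap") && !cmd.equals("updateSecurity")) {
                prefs.store();
            }

            sendRedirect(actionRequest, actionResponse);
        }
        else {
            setForward(actionRequest, "portlet.enterprise_admin.view");
        }
    }

    /**
     * Writes the submitted CAS settings to the preferences, stores them and
     * asks {@link CASFilter} to reload for the company.
     *
     * <p>
     * NOTE(review): the login, logout, service and validate URLs are stored
     * exactly as submitted; no scheme or host validation happens here.
     * </p>
     *
     * @param  actionRequest the request carrying the CAS form values
     * @param  companyId the company whose CAS filter is reloaded
     * @param  prefs the company preferences to update
     * @throws Exception if the preferences cannot be stored or the reload
     *         fails
     */
    protected void updateCAS(
            ActionRequest actionRequest, long companyId,
            PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(actionRequest, "enabled");
        boolean importFromLdap = ParamUtil.getBoolean(
            actionRequest, "importFromLdap");
        String loginUrl = ParamUtil.getString(actionRequest, "loginUrl");
        String logoutUrl = ParamUtil.getString(actionRequest, "logoutUrl");
        String serverName = ParamUtil.getString(actionRequest, "serverName");
        String serviceUrl = ParamUtil.getString(actionRequest, "serviceUrl");
        String validateUrl = ParamUtil.getString(actionRequest, "validateUrl");

        prefs.setValue(
            PropsKeys.CAS_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(
            PropsKeys.CAS_IMPORT_FROM_LDAP, String.valueOf(importFromLdap));
        prefs.setValue(PropsKeys.CAS_LOGIN_URL, loginUrl);
        prefs.setValue(PropsKeys.CAS_LOGOUT_URL, logoutUrl);
        prefs.setValue(PropsKeys.CAS_SERVER_NAME, serverName);
        prefs.setValue(PropsKeys.CAS_SERVICE_URL, serviceUrl);
        prefs.setValue(PropsKeys.CAS_VALIDATE_URL, validateUrl);

        // Stored before the reload so the filter is reloaded only after the
        // new values have been written.

        prefs.store();

        CASFilter.reload(companyId);
    }

    /**
     * Copies the submitted default group, role and user group names into the
     * preferences. The caller is responsible for storing them.
     *
     * @param  actionRequest the request carrying the three name lists
     * @param  prefs the company preferences to update
     * @throws Exception if a preference value cannot be set
     */
    protected void updateDefaultGroupsAndRoles(
            ActionRequest actionRequest, PortletPreferences prefs)
        throws Exception {

        String defaultGroupNames = ParamUtil.getString(
            actionRequest, "defaultGroupNames");
        String defaultRoleNames = ParamUtil.getString(
            actionRequest, "defaultRoleNames");
        String defaultUserGroupNames = ParamUtil.getString(
            actionRequest, "defaultUserGroupNames");

        prefs.setValue(PropsKeys.ADMIN_DEFAULT_GROUP_NAMES, defaultGroupNames);
        prefs.setValue(PropsKeys.ADMIN_DEFAULT_ROLE_NAMES, defaultRoleNames);
        prefs.setValue(
            PropsKeys.ADMIN_DEFAULT_USER_GROUP_NAMES, defaultUserGroupNames);
    }

    /**
     * Updates one group of email settings, selected by the <code>tabs3</code>
     * request parameter: the account-created notification, the
     * password-changed notification, or (any other value) the sender name and
     * address. A failed validation records a session error named after the
     * offending field and leaves that group's preferences unchanged. The
     * caller is responsible for storing the preferences.
     *
     * @param  actionRequest the request carrying the selected tab and values
     * @param  prefs the company preferences to update
     * @throws Exception if a preference value cannot be set
     */
    protected void updateEmails(
            ActionRequest actionRequest, PortletPreferences prefs)
        throws Exception {

        String tabs3 = ParamUtil.getString(actionRequest, "tabs3");

        if (tabs3.equals("account-created-notification")) {

            // NOTE(review): the enabled flag is read as a raw string and is
            // stored without being normalized to "true"/"false", unlike the
            // boolean flags handled elsewhere in this class.

            String emailUserAddedEnabled = ParamUtil.getString(
                actionRequest, "emailUserAddedEnabled");
            String emailUserAddedSubject = ParamUtil.getString(
                actionRequest, "emailUserAddedSubject");
            String emailUserAddedBody = ParamUtil.getString(
                actionRequest, "emailUserAddedBody");

            if (Validator.isNull(emailUserAddedSubject)) {
                SessionErrors.add(actionRequest, "emailUserAddedSubject");
            }
            else if (Validator.isNull(emailUserAddedBody)) {
                SessionErrors.add(actionRequest, "emailUserAddedBody");
            }
            else {
                prefs.setValue(
                    PropsKeys.ADMIN_EMAIL_USER_ADDED_ENABLED,
                    emailUserAddedEnabled);
                prefs.setValue(
                    PropsKeys.ADMIN_EMAIL_USER_ADDED_SUBJECT,
                    emailUserAddedSubject);
                prefs.setValue(
                    PropsKeys.ADMIN_EMAIL_USER_ADDED_BODY, emailUserAddedBody);
            }
        }
        else if (tabs3.equals("password-changed-notification")) {
            String emailPasswordSentEnabled = ParamUtil.getString(
                actionRequest, "emailPasswordSentEnabled");
            String emailPasswordSentSubject = ParamUtil.getString(
                actionRequest, "emailPasswordSentSubject");
            String emailPasswordSentBody = ParamUtil.getString(
                actionRequest, "emailPasswordSentBody");

            if (Validator.isNull(emailPasswordSentSubject)) {
                SessionErrors.add(actionRequest, "emailPasswordSentSubject");
            }
            else if (Validator.isNull(emailPasswordSentBody)) {
                SessionErrors.add(actionRequest, "emailPasswordSentBody");
            }
            else {
                prefs.setValue(
                    PropsKeys.ADMIN_EMAIL_PASSWORD_SENT_ENABLED,
                    emailPasswordSentEnabled);
                prefs.setValue(
                    PropsKeys.ADMIN_EMAIL_PASSWORD_SENT_SUBJECT,
                    emailPasswordSentSubject);
                prefs.setValue(
                    PropsKeys.ADMIN_EMAIL_PASSWORD_SENT_BODY,
                    emailPasswordSentBody);
            }
        }
        else {
            String emailFromName = ParamUtil.getString(
                actionRequest, "emailFromName");
            String emailFromAddress = ParamUtil.getString(
                actionRequest, "emailFromAddress");

            if (Validator.isNull(emailFromName)) {
                SessionErrors.add(actionRequest, "emailFromName");
            }
            else if (!Validator.isEmailAddress(emailFromAddress)) {
                SessionErrors.add(actionRequest, "emailFromAddress");
            }
            else {
                prefs.setValue(PropsKeys.ADMIN_EMAIL_FROM_NAME, emailFromName);
                prefs.setValue(
                    PropsKeys.ADMIN_EMAIL_FROM_ADDRESS, emailFromAddress);
            }
        }
    }

    /**
     * Validates and stores the submitted LDAP settings.
     *
     * <p>
     * When LDAP is being enabled, a context is first requested from
     * {@link PortalLDAPUtil} with the submitted URL, principal and
     * credentials. If that call throws, the session error
     * <code>ldapAuthentication</code> is recorded and nothing is saved.
     * Otherwise all values are written to the preferences and stored.
     * </p>
     *
     * <p>
     * The user and group attribute mappings are assembled as newline
     * separated <code>key=value</code> lines, so line breaks are removed from
     * each submitted mapping value to keep one value from adding or
     * overriding other mapping lines.
     * </p>
     *
     * @param  actionRequest the request carrying the LDAP form values
     * @param  companyId the company used for the connection check
     * @param  prefs the company preferences to update
     * @throws Exception if the preferences cannot be set or stored
     */
    protected void updateLdap(
            ActionRequest actionRequest, long companyId,
            PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(actionRequest, "enabled");
        boolean required = ParamUtil.getBoolean(actionRequest, "required");
        String baseProviderURL = ParamUtil.getString(
            actionRequest, "baseProviderURL");
        String baseDN = ParamUtil.getString(actionRequest, "baseDN");
        String principal = ParamUtil.getString(actionRequest, "principal");
        String credentials = ParamUtil.getString(actionRequest, "credentials");
        String searchFilter = ParamUtil.getString(
            actionRequest, "searchFilter");
        String userDefaultObjectClasses = ParamUtil.getString(
            actionRequest, "userDefaultObjectClasses");

        String userMappings =
            "screenName=" +
                stripLineBreaks(
                    ParamUtil.getString(
                        actionRequest, "userMappingScreenName")) +
            "\npassword=" +
                stripLineBreaks(
                    ParamUtil.getString(
                        actionRequest, "userMappingPassword")) +
            "\nemailAddress=" +
                stripLineBreaks(
                    ParamUtil.getString(
                        actionRequest, "userMappingEmailAddress")) +
            "\nfullName=" +
                stripLineBreaks(
                    ParamUtil.getString(
                        actionRequest, "userMappingFullName")) +
            "\nfirstName=" +
                stripLineBreaks(
                    ParamUtil.getString(
                        actionRequest, "userMappingFirstName")) +
            "\nlastName=" +
                stripLineBreaks(
                    ParamUtil.getString(
                        actionRequest, "userMappingLastName")) +
            "\njobTitle=" +
                stripLineBreaks(
                    ParamUtil.getString(
                        actionRequest, "userMappingJobTitle")) +
            "\ngroup=" +
                stripLineBreaks(
                    ParamUtil.getString(actionRequest, "userMappingGroup"));

        String groupMappings =
            "groupName=" +
                stripLineBreaks(
                    ParamUtil.getString(
                        actionRequest, "groupMappingGroupName")) +
            "\ndescription=" +
                stripLineBreaks(
                    ParamUtil.getString(
                        actionRequest, "groupMappingDescription")) +
            "\nuser=" +
                stripLineBreaks(
                    ParamUtil.getString(actionRequest, "groupMappingUser"));

        boolean importEnabled = ParamUtil.getBoolean(
            actionRequest, "importEnabled");
        boolean importOnStartup = ParamUtil.getBoolean(
            actionRequest, "importOnStartup");
        long importInterval = ParamUtil.getLong(
            actionRequest, "importInterval");
        String importUserSearchFilter = ParamUtil.getString(
            actionRequest, "importUserSearchFilter");
        String importGroupSearchFilter = ParamUtil.getString(
            actionRequest, "importGroupSearchFilter");
        boolean exportEnabled = ParamUtil.getBoolean(
            actionRequest, "exportEnabled");
        String usersDN = ParamUtil.getString(actionRequest, "usersDN");
        String groupsDN = ParamUtil.getString(actionRequest, "groupsDN");
        boolean passwordPolicyEnabled = ParamUtil.getBoolean(
            actionRequest, "passwordPolicyEnabled");

        // Connection check: runs only when LDAP is being enabled, so
        // disabling LDAP never depends on the directory being reachable.
        // NOTE(review): the value returned by getContext is discarded; if it
        // is an open directory context it is never closed here -- confirm.
        // NOTE(review): the check passes whenever getContext does not throw;
        // confirm it throws rather than returns quietly on a failed bind.

        try {
            if (enabled) {
                String fullProviderURL = LDAPUtil.getFullProviderURL(
                    baseProviderURL, baseDN);

                PortalLDAPUtil.getContext(
                    companyId, fullProviderURL, principal, credentials);
            }
        }
        catch (Exception e) {

            // The cause is reported to the user only as a generic error key
            // and is not logged in this method, so a failed check leaves no
            // server-side trace from here.

            SessionErrors.add(actionRequest, "ldapAuthentication");

            return;
        }

        // NOTE(review): the bind credential is written to the preferences as
        // received; whether it is protected at rest is not visible here.

        prefs.setValue(PropsKeys.LDAP_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(PropsKeys.LDAP_AUTH_REQUIRED, String.valueOf(required));
        prefs.setValue(PropsKeys.LDAP_BASE_PROVIDER_URL, baseProviderURL);
        prefs.setValue(PropsKeys.LDAP_BASE_DN, baseDN);
        prefs.setValue(PropsKeys.LDAP_SECURITY_PRINCIPAL, principal);
        prefs.setValue(PropsKeys.LDAP_SECURITY_CREDENTIALS, credentials);
        prefs.setValue(PropsKeys.LDAP_AUTH_SEARCH_FILTER, searchFilter);
        prefs.setValue(
            PropsKeys.LDAP_USER_DEFAULT_OBJECT_CLASSES,
            userDefaultObjectClasses);
        prefs.setValue(PropsKeys.LDAP_USER_MAPPINGS, userMappings);
        prefs.setValue(PropsKeys.LDAP_GROUP_MAPPINGS, groupMappings);
        prefs.setValue(
            PropsKeys.LDAP_IMPORT_ENABLED, String.valueOf(importEnabled));
        prefs.setValue(
            PropsKeys.LDAP_IMPORT_ON_STARTUP, String.valueOf(importOnStartup));
        prefs.setValue(
            PropsKeys.LDAP_IMPORT_INTERVAL, String.valueOf(importInterval));
        prefs.setValue(
            PropsKeys.LDAP_IMPORT_USER_SEARCH_FILTER, importUserSearchFilter);
        prefs.setValue(
            PropsKeys.LDAP_IMPORT_GROUP_SEARCH_FILTER, importGroupSearchFilter);
        prefs.setValue(
            PropsKeys.LDAP_EXPORT_ENABLED, String.valueOf(exportEnabled));
        prefs.setValue(PropsKeys.LDAP_USERS_DN, usersDN);
        prefs.setValue(PropsKeys.LDAP_GROUPS_DN, groupsDN);
        prefs.setValue(
            PropsKeys.LDAP_PASSWORD_POLICY_ENABLED,
            String.valueOf(passwordPolicyEnabled));

        prefs.store();
    }

    /**
     * Copies the submitted mail host names into the preferences. The caller
     * is responsible for storing them.
     *
     * @param  actionRequest the request carrying <code>mailHostNames</code>
     * @param  prefs the company preferences to update
     * @throws Exception if the preference value cannot be set
     */
    protected void updateMailHostNames(
            ActionRequest actionRequest, PortletPreferences prefs)
        throws Exception {

        String mailHostNames = ParamUtil.getString(
            actionRequest, "mailHostNames");

        prefs.setValue(PropsKeys.ADMIN_MAIL_HOST_NAMES, mailHostNames);
    }

    /**
     * Writes the submitted NTLM settings to the preferences and stores them.
     *
     * @param  actionRequest the request carrying the NTLM form values
     * @param  companyId the company being configured (not used here)
     * @param  prefs the company preferences to update
     * @throws Exception if the preferences cannot be set or stored
     */
    protected void updateNtlm(
            ActionRequest actionRequest, long companyId,
            PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(actionRequest, "enabled");
        String domainController = ParamUtil.getString(
            actionRequest, "domainController");
        String domain = ParamUtil.getString(actionRequest, "domain");

        prefs.setValue(
            PropsKeys.NTLM_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(PropsKeys.NTLM_DOMAIN_CONTROLLER, domainController);
        prefs.setValue(PropsKeys.NTLM_DOMAIN, domain);

        prefs.store();
    }

    /**
     * Writes the submitted OpenID enabled flag to the preferences and stores
     * it.
     *
     * @param  actionRequest the request carrying <code>enabled</code>
     * @param  prefs the company preferences to update
     * @throws Exception if the preferences cannot be set or stored
     */
    protected void updateOpenId(
            ActionRequest actionRequest, PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(actionRequest, "enabled");

        prefs.setValue(PropsKeys.OPEN_ID_AUTH_ENABLED, String.valueOf(enabled));

        prefs.store();
    }

    /**
     * Writes the submitted OpenSSO settings to the preferences and stores
     * them.
     *
     * <p>
     * NOTE(review): the login, logout and service URLs are stored exactly as
     * submitted; no scheme or host validation happens here.
     * </p>
     *
     * @param  actionRequest the request carrying the OpenSSO form values
     * @param  companyId the company being configured (not used here)
     * @param  prefs the company preferences to update
     * @throws Exception if the preferences cannot be set or stored
     */
    protected void updateOpenSSO(
            ActionRequest actionRequest, long companyId,
            PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(actionRequest, "enabled");
        String loginUrl = ParamUtil.getString(actionRequest, "loginUrl");
        String logoutUrl = ParamUtil.getString(actionRequest, "logoutUrl");
        String serviceUrl = ParamUtil.getString(actionRequest, "serviceUrl");
        String screenName = ParamUtil.getString(
            actionRequest, "screenNameAttr");
        String emailAddress = ParamUtil.getString(
            actionRequest, "emailAddressAttr");
        String firstName = ParamUtil.getString(actionRequest, "firstNameAttr");
        String lastName = ParamUtil.getString(actionRequest, "lastNameAttr");

        prefs.setValue(
            PropsKeys.OPEN_SSO_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(PropsKeys.OPEN_SSO_LOGIN_URL, loginUrl);
        prefs.setValue(PropsKeys.OPEN_SSO_LOGOUT_URL, logoutUrl);
        prefs.setValue(PropsKeys.OPEN_SSO_SERVICE_URL, serviceUrl);
        prefs.setValue(PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR, screenName);
        prefs.setValue(PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR, emailAddress);
        prefs.setValue(PropsKeys.OPEN_SSO_FIRST_NAME_ATTR, firstName);
        prefs.setValue(PropsKeys.OPEN_SSO_LAST_NAME_ATTR, lastName);

        prefs.store();
    }

    /**
     * Copies the submitted reserved screen names and email addresses into
     * the preferences. The caller is responsible for storing them.
     *
     * @param  actionRequest the request carrying the two reserved lists
     * @param  prefs the company preferences to update
     * @throws Exception if a preference value cannot be set
     */
    protected void updateReservedUsers(
            ActionRequest actionRequest, PortletPreferences prefs)
        throws Exception {

        String reservedScreenNames = ParamUtil.getString(
            actionRequest, "reservedScreenNames");
        String reservedEmailAddresses = ParamUtil.getString(
            actionRequest, "reservedEmailAddresses");

        prefs.setValue(
            PropsKeys.ADMIN_RESERVED_SCREEN_NAMES, reservedScreenNames);
        prefs.setValue(
            PropsKeys.ADMIN_RESERVED_EMAIL_ADDRESSES, reservedEmailAddresses);
    }

    /**
     * Forwards the submitted authentication type and login/registration
     * flags to {@link CompanyServiceUtil#updateSecurity} for the company
     * resolved from the request. The company's current community logo
     * setting is passed through unchanged. No preferences are touched.
     *
     * @param  actionRequest the request carrying the security form values
     * @throws Exception if the company lookup or the service call fails
     */
    protected void updateSecurity(ActionRequest actionRequest)
        throws Exception {

        Company company = PortalUtil.getCompany(actionRequest);

        // NOTE(review): authType is passed on as submitted; this method does
        // not restrict it to a known set of values.

        String authType = ParamUtil.getString(actionRequest, "authType");
        boolean autoLogin = ParamUtil.getBoolean(actionRequest, "autoLogin");
        boolean sendPassword = ParamUtil.getBoolean(
            actionRequest, "sendPassword");
        boolean strangers = ParamUtil.getBoolean(actionRequest, "strangers");
        boolean strangersWithMx = ParamUtil.getBoolean(
            actionRequest, "strangersWithMx");
        boolean strangersVerify = ParamUtil.getBoolean(
            actionRequest, "strangersVerify");

        CompanyServiceUtil.updateSecurity(
            company.getCompanyId(), authType, autoLogin, sendPassword,
            strangers, strangersWithMx, strangersVerify,
            company.isCommunityLogo());
    }

    /**
     * Writes the submitted SiteMinder settings to the preferences and stores
     * them.
     *
     * <p>
     * NOTE(review): <code>userHeader</code> is stored exactly as submitted;
     * it presumably names the request header trusted for the user identity,
     * so a wrong value here affects who is authenticated -- confirm.
     * </p>
     *
     * @param  actionRequest the request carrying the SiteMinder form values
     * @param  companyId the company being configured (not used here)
     * @param  prefs the company preferences to update
     * @throws Exception if the preferences cannot be set or stored
     */
    protected void updateSiteMinder(
            ActionRequest actionRequest, long companyId,
            PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(actionRequest, "enabled");
        boolean importFromLdap = ParamUtil.getBoolean(
            actionRequest, "importFromLdap");
        String userHeader = ParamUtil.getString(actionRequest, "userHeader");

        prefs.setValue(
            PropsKeys.SITEMINDER_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(
            PropsKeys.SITEMINDER_IMPORT_FROM_LDAP,
            String.valueOf(importFromLdap));
        prefs.setValue(PropsKeys.SITEMINDER_USER_HEADER, userHeader);

        prefs.store();
    }

    /**
     * Removes carriage returns and line feeds from a single mapping value so
     * that it cannot span more than one line of a newline separated
     * <code>key=value</code> block.
     *
     * @param  value the submitted mapping value, possibly <code>null</code>
     * @return the value without line breaks, or <code>null</code> if the
     *         value was <code>null</code>
     */
    private static String stripLineBreaks(String value) {

        // A null is handed back untouched so that string concatenation in
        // the caller behaves exactly as it did before this helper existed.

        if (value == null) {
            return null;
        }

        return value.replace("\r", "").replace("\n", "");
    }

}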