1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    *
5    *
6    *
7    * The contents of this file are subject to the terms of the Liferay Enterprise
8    * Subscription License ("License"). You may not use this file except in
9    * compliance with the License. You can obtain a copy of the License by
10   * contacting Liferay, Inc. See the License for the specific language governing
11   * permissions and limitations under the License, including but not limited to
12   * distribution rights of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.impl;
24  
25  import com.liferay.portal.DuplicatePasswordPolicyException;
26  import com.liferay.portal.NoSuchPasswordPolicyRelException;
27  import com.liferay.portal.PasswordPolicyNameException;
28  import com.liferay.portal.PortalException;
29  import com.liferay.portal.RequiredPasswordPolicyException;
30  import com.liferay.portal.SystemException;
31  import com.liferay.portal.kernel.util.OrderByComparator;
32  import com.liferay.portal.kernel.util.StringPool;
33  import com.liferay.portal.kernel.util.Validator;
34  import com.liferay.portal.model.Organization;
35  import com.liferay.portal.model.PasswordPolicy;
36  import com.liferay.portal.model.PasswordPolicyRel;
37  import com.liferay.portal.model.ResourceConstants;
38  import com.liferay.portal.model.User;
39  import com.liferay.portal.security.ldap.PortalLDAPUtil;
40  import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
41  import com.liferay.portal.util.PropsValues;
42  
43  import java.util.Date;
44  import java.util.List;
45  
46  /**
47   * <a href="PasswordPolicyLocalServiceImpl.java.html"><b><i>View Source</i></b>
48   * </a>
49   *
50   * @author Scott Lee
51   */
52  public class PasswordPolicyLocalServiceImpl
53      extends PasswordPolicyLocalServiceBaseImpl {
54  
55      public PasswordPolicy addPasswordPolicy(
56              long userId, boolean defaultPolicy, String name, String description,
57              boolean changeable, boolean changeRequired, long minAge,
58              boolean checkSyntax, boolean allowDictionaryWords, int minLength,
59              boolean history, int historyCount, boolean expireable, long maxAge,
60              long warningTime, int graceLimit, boolean lockout, int maxFailure,
61              long lockoutDuration, long resetFailureCount)
62          throws PortalException, SystemException {
63  
64          // Password policy
65  
66          User user = userPersistence.findByPrimaryKey(userId);
67          Date now = new Date();
68  
69          validate(0, user.getCompanyId(), name);
70  
71          long passwordPolicyId = counterLocalService.increment();
72  
73          PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
74              passwordPolicyId);
75  
76          passwordPolicy.setUserId(userId);
77          passwordPolicy.setCompanyId(user.getCompanyId());
78          passwordPolicy.setUserName(user.getFullName());
79          passwordPolicy.setCreateDate(now);
80          passwordPolicy.setModifiedDate(now);
81          passwordPolicy.setDefaultPolicy(defaultPolicy);
82          passwordPolicy.setName(name);
83          passwordPolicy.setDescription(description);
84          passwordPolicy.setChangeable(changeable);
85          passwordPolicy.setChangeRequired(changeRequired);
86          passwordPolicy.setMinAge(minAge);
87          passwordPolicy.setCheckSyntax(checkSyntax);
88          passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
89          passwordPolicy.setMinLength(minLength);
90          passwordPolicy.setHistory(history);
91          passwordPolicy.setHistoryCount(historyCount);
92          passwordPolicy.setExpireable(expireable);
93          passwordPolicy.setMaxAge(maxAge);
94          passwordPolicy.setWarningTime(warningTime);
95          passwordPolicy.setGraceLimit(graceLimit);
96          passwordPolicy.setLockout(lockout);
97          passwordPolicy.setMaxFailure(maxFailure);
98          passwordPolicy.setLockoutDuration(lockoutDuration);
99          passwordPolicy.setRequireUnlock(lockoutDuration == 0);
100         passwordPolicy.setResetFailureCount(resetFailureCount);
101 
102         passwordPolicyPersistence.update(passwordPolicy, false);
103 
104         // Resources
105 
106         if (!user.isDefaultUser()) {
107             resourceLocalService.addResources(
108                 user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
109                 passwordPolicy.getPasswordPolicyId(), false, false, false);
110         }
111 
112         return passwordPolicy;
113     }
114 
115     public void checkDefaultPasswordPolicy(long companyId)
116         throws PortalException, SystemException {
117 
118         String defaultPasswordPolicyName =
119             PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
120 
121         PasswordPolicy defaultPasswordPolicy =
122             passwordPolicyPersistence.fetchByC_N(
123                 companyId, defaultPasswordPolicyName);
124 
125         if (defaultPasswordPolicy == null) {
126             long defaultUserId = userLocalService.getDefaultUserId(companyId);
127 
128             addPasswordPolicy(
129                 defaultUserId, true, defaultPasswordPolicyName,
130                 defaultPasswordPolicyName, true, false, 0, false, true, 6,
131                 false, 6, false, 8640000, 86400, 0, false, 3, 0, 600);
132         }
133     }
134 
135     public void deletePasswordPolicy(long passwordPolicyId)
136         throws PortalException, SystemException {
137 
138         PasswordPolicy passwordPolicy =
139             passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
140 
141         if (passwordPolicy.isDefaultPolicy()) {
142             throw new RequiredPasswordPolicyException();
143         }
144 
145         // Password policy relations
146 
147         passwordPolicyRelLocalService.deletePasswordPolicyRels(
148             passwordPolicyId);
149 
150         // Resources
151 
152         resourceLocalService.deleteResource(
153             passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
154             ResourceConstants.SCOPE_INDIVIDUAL,
155             passwordPolicy.getPasswordPolicyId());
156 
157         // Password policy
158 
159         passwordPolicyPersistence.remove(passwordPolicy);
160     }
161 
162     public PasswordPolicy getDefaultPasswordPolicy(long companyId)
163         throws PortalException, SystemException {
164 
165         if (PortalLDAPUtil.isPasswordPolicyEnabled(companyId)) {
166             return null;
167         }
168 
169         return passwordPolicyPersistence.findByC_DP(companyId, true);
170     }
171 
172     public PasswordPolicy getPasswordPolicy(long passwordPolicyId)
173         throws PortalException, SystemException {
174 
175         return passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
176     }
177 
178     /**
179      * @deprecated
180      */
181     public PasswordPolicy getPasswordPolicy(
182             long companyId, long organizationId, long locationId)
183         throws PortalException, SystemException {
184 
185         return getPasswordPolicy(
186             companyId, new long[] {organizationId, locationId});
187     }
188 
189     public PasswordPolicy getPasswordPolicy(
190             long companyId, long[] organizationIds)
191         throws PortalException, SystemException {
192 
193         if (PortalLDAPUtil.isPasswordPolicyEnabled(companyId)) {
194             return null;
195         }
196 
197         PasswordPolicyRel passwordPolicyRel = null;
198 
199         // Check for password policy specifically assigned to any of the
200         // organizations
201 
202         for (int i = 0; i < organizationIds.length; i++) {
203             long organizationId = organizationIds[i];
204 
205             try {
206                 passwordPolicyRel =
207                     passwordPolicyRelLocalService.getPasswordPolicyRel(
208                         Organization.class.getName(), organizationId);
209 
210                 return getPasswordPolicy(
211                     passwordPolicyRel.getPasswordPolicyId());
212             }
213             catch (NoSuchPasswordPolicyRelException nsppre) {
214             }
215         }
216 
217         // Get default password policy
218 
219         return getDefaultPasswordPolicy(companyId);
220     }
221 
222     public PasswordPolicy getPasswordPolicyByUserId(long userId)
223         throws PortalException, SystemException {
224 
225         User user = userPersistence.findByPrimaryKey(userId);
226 
227         if (PortalLDAPUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
228             return null;
229         }
230 
231         PasswordPolicyRel passwordPolicyRel = null;
232 
233         // Check for password policy specifically assigned to this user
234 
235         try {
236             passwordPolicyRel =
237                 passwordPolicyRelLocalService.getPasswordPolicyRel(
238                     User.class.getName(), userId);
239 
240             return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
241         }
242         catch (NoSuchPasswordPolicyRelException nsppre) {
243         }
244 
245         long[] organizationIds = user.getOrganizationIds();
246 
247         return getPasswordPolicy(user.getCompanyId(), organizationIds);
248     }
249 
250     public List<PasswordPolicy> search(
251             long companyId, String name, int start, int end,
252             OrderByComparator obc)
253         throws SystemException {
254 
255         return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
256     }
257 
258     public int searchCount(long companyId, String name)
259         throws SystemException {
260 
261         return passwordPolicyFinder.countByC_N(companyId, name);
262     }
263 
264     public PasswordPolicy updatePasswordPolicy(
265             long passwordPolicyId, String name, String description,
266             boolean changeable, boolean changeRequired, long minAge,
267             boolean checkSyntax, boolean allowDictionaryWords, int minLength,
268             boolean history, int historyCount, boolean expireable, long maxAge,
269             long warningTime, int graceLimit, boolean lockout, int maxFailure,
270             long lockoutDuration, long resetFailureCount)
271         throws PortalException, SystemException {
272 
273         Date now = new Date();
274 
275         PasswordPolicy passwordPolicy =
276             passwordPolicyPersistence.findByPrimaryKey(
277                 passwordPolicyId);
278 
279         if (!passwordPolicy.getDefaultPolicy()) {
280             validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
281 
282             passwordPolicy.setName(name);
283         }
284 
285         passwordPolicy.setModifiedDate(now);
286         passwordPolicy.setDescription(description);
287         passwordPolicy.setChangeable(changeable);
288         passwordPolicy.setChangeRequired(changeRequired);
289         passwordPolicy.setMinAge(minAge);
290         passwordPolicy.setCheckSyntax(checkSyntax);
291         passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
292         passwordPolicy.setMinLength(minLength);
293         passwordPolicy.setHistory(history);
294         passwordPolicy.setHistoryCount(historyCount);
295         passwordPolicy.setExpireable(expireable);
296         passwordPolicy.setMaxAge(maxAge);
297         passwordPolicy.setWarningTime(warningTime);
298         passwordPolicy.setGraceLimit(graceLimit);
299         passwordPolicy.setLockout(lockout);
300         passwordPolicy.setMaxFailure(maxFailure);
301         passwordPolicy.setLockoutDuration(lockoutDuration);
302         passwordPolicy.setRequireUnlock(lockoutDuration == 0);
303         passwordPolicy.setResetFailureCount(resetFailureCount);
304 
305         passwordPolicyPersistence.update(passwordPolicy, false);
306 
307         return passwordPolicy;
308     }
309 
310     protected void validate(long passwordPolicyId, long companyId, String name)
311         throws PortalException, SystemException {
312 
313         if ((Validator.isNull(name)) || (Validator.isNumber(name)) ||
314             (name.indexOf(StringPool.COMMA) != -1) ||
315             (name.indexOf(StringPool.STAR) != -1)) {
316 
317             throw new PasswordPolicyNameException();
318         }
319 
320         PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
321             companyId, name);
322 
323         if (passwordPolicy != null) {
324             if ((passwordPolicyId <= 0) ||
325                 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
326 
327                 throw new DuplicatePasswordPolicyException();
328             }
329         }
330     }
331 
332 }