1   /**
2    * Copyright (c) 2000-2007 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portlet.enterpriseadmin.action;
24  
25  import com.liferay.portal.kernel.util.Constants;
26  import com.liferay.portal.kernel.util.ParamUtil;
27  import com.liferay.portal.kernel.util.Validator;
28  import com.liferay.portal.model.Company;
29  import com.liferay.portal.model.impl.RoleImpl;
30  import com.liferay.portal.security.auth.PrincipalException;
31  import com.liferay.portal.service.CompanyServiceUtil;
32  import com.liferay.portal.service.RoleLocalServiceUtil;
33  import com.liferay.portal.servlet.filters.sso.cas.CASFilter;
34  import com.liferay.portal.struts.PortletAction;
35  import com.liferay.portal.util.PortalUtil;
36  import com.liferay.portal.util.PrefsPropsUtil;
37  import com.liferay.portal.util.PropsUtil;
38  import com.liferay.util.ldap.LDAPUtil;
39  import com.liferay.util.servlet.SessionErrors;
40  
41  import java.io.PrintWriter;
42  import java.io.StringWriter;
43  
44  import java.util.Properties;
45  
46  import javax.naming.Context;
47  import javax.naming.ldap.InitialLdapContext;
48  
49  import javax.portlet.ActionRequest;
50  import javax.portlet.ActionResponse;
51  import javax.portlet.PortletConfig;
52  import javax.portlet.PortletPreferences;
53  
54  import org.apache.commons.logging.Log;
55  import org.apache.commons.logging.LogFactory;
56  import org.apache.struts.action.ActionForm;
57  import org.apache.struts.action.ActionMapping;
58  
59  /**
60   * <a href="EditSettingsAction.java.html"><b><i>View Source</i></b></a>
61   *
62   * @author Brian Wing Shun Chan
63   *
64   */
65  public class EditSettingsAction extends PortletAction {
66  
67      public void processAction(
68              ActionMapping mapping, ActionForm form, PortletConfig config,
69              ActionRequest req, ActionResponse res)
70          throws Exception {
71  
72          long companyId = PortalUtil.getCompanyId(req);
73          long userId = PortalUtil.getUserId(req);
74  
75          if (!RoleLocalServiceUtil.hasUserRole(
76                  userId, companyId, RoleImpl.ADMINISTRATOR, true)) {
77  
78              SessionErrors.add(req, PrincipalException.class.getName());
79  
80              setForward(req, "portlet.enterprise_admin.error");
81  
82              return;
83          }
84  
85          PortletPreferences prefs = PrefsPropsUtil.getPreferences(companyId);
86  
87          String cmd = ParamUtil.getString(req, Constants.CMD);
88  
89          if (cmd.equals("updateCAS")) {
90              updateCAS(req, companyId, prefs);
91          }
92          else if (cmd.equals("updateDefaultGroupsAndRoles")) {
93              updateDefaultGroupsAndRoles(req, prefs);
94          }
95          else if (cmd.equals("updateEmails")) {
96              updateEmails(req, prefs);
97          }
98          else if (cmd.equals("updateLdap")) {
99              updateLdap(req, prefs);
100         }
101         else if (cmd.equals("updateMailHostNames")) {
102             updateMailHostNames(req, prefs);
103         }
104         else if (cmd.equals("updateNtlm")) {
105             updateNtlm(req, companyId, prefs);
106         }
107         else if (cmd.equals("updateOpenId")) {
108             updateOpenId(req, prefs);
109         }
110         else if (cmd.equals("updateOpenSSO")) {
111             updateOpenSSO(req, companyId, prefs);
112         }
113         else if (cmd.equals("updateReservedUsers")) {
114             updateReservedUsers(req, prefs);
115         }
116         else if (cmd.equals("updateSecurity")) {
117             updateSecurity(req);
118         }
119 
120         if (SessionErrors.isEmpty(req)) {
121             if (!cmd.equals("updateLdap") && !cmd.equals("updateSecurity")) {
122                 prefs.store();
123             }
124 
125             sendRedirect(req, res);
126         }
127         else {
128             setForward(req, "portlet.enterprise_admin.view");
129         }
130     }
131 
132     protected void updateCAS(
133             ActionRequest req, long companyId, PortletPreferences prefs)
134         throws Exception {
135 
136         boolean enabled = ParamUtil.getBoolean(req, "enabled");
137         boolean importFromLdap = ParamUtil.getBoolean(req, "importFromLdap");
138         String loginUrl = ParamUtil.getString(req, "loginUrl");
139         String logoutUrl = ParamUtil.getString(req, "logoutUrl");
140         String serviceUrl = ParamUtil.getString(req, "serviceUrl");
141         String validateUrl = ParamUtil.getString(req, "validateUrl");
142 
143         prefs.setValue(
144             PropsUtil.CAS_AUTH_ENABLED, String.valueOf(enabled));
145         prefs.setValue(
146             PropsUtil.CAS_IMPORT_FROM_LDAP, String.valueOf(importFromLdap));
147         prefs.setValue(PropsUtil.CAS_LOGIN_URL, loginUrl);
148         prefs.setValue(PropsUtil.CAS_LOGOUT_URL, logoutUrl);
149         prefs.setValue(PropsUtil.CAS_SERVICE_URL, serviceUrl);
150         prefs.setValue(PropsUtil.CAS_VALIDATE_URL, validateUrl);
151 
152         prefs.store();
153 
154         CASFilter.reload(companyId);
155     }
156 
157     protected void updateDefaultGroupsAndRoles(
158             ActionRequest req, PortletPreferences prefs)
159         throws Exception {
160 
161         String defaultGroupNames = ParamUtil.getString(
162             req, "defaultGroupNames");
163         String defaultRoleNames = ParamUtil.getString(req, "defaultRoleNames");
164         String defaultUserGroupNames = ParamUtil.getString(
165             req, "defaultUserGroupNames");
166 
167         prefs.setValue(PropsUtil.ADMIN_DEFAULT_GROUP_NAMES, defaultGroupNames);
168         prefs.setValue(PropsUtil.ADMIN_DEFAULT_ROLE_NAMES, defaultRoleNames);
169         prefs.setValue(
170             PropsUtil.ADMIN_DEFAULT_USER_GROUP_NAMES, defaultUserGroupNames);
171     }
172 
173     protected void updateEmails(
174             ActionRequest req, PortletPreferences prefs)
175         throws Exception {
176 
177         String tabs3 = ParamUtil.getString(req, "tabs3");
178 
179         if (tabs3.equals("account-created-notification")) {
180             String emailUserAddedEnabled = ParamUtil.getString(
181                 req, "emailUserAddedEnabled");
182             String emailUserAddedSubject = ParamUtil.getString(
183                 req, "emailUserAddedSubject");
184             String emailUserAddedBody = ParamUtil.getString(
185                 req, "emailUserAddedBody");
186 
187             if (Validator.isNull(emailUserAddedSubject)) {
188                 SessionErrors.add(req, "emailUserAddedSubject");
189             }
190             else if (Validator.isNull(emailUserAddedBody)) {
191                 SessionErrors.add(req, "emailUserAddedBody");
192             }
193             else {
194                 prefs.setValue(
195                     PropsUtil.ADMIN_EMAIL_USER_ADDED_ENABLED,
196                     emailUserAddedEnabled);
197                 prefs.setValue(
198                     PropsUtil.ADMIN_EMAIL_USER_ADDED_SUBJECT,
199                     emailUserAddedSubject);
200                 prefs.setValue(
201                     PropsUtil.ADMIN_EMAIL_USER_ADDED_BODY, emailUserAddedBody);
202             }
203         }
204         else if (tabs3.equals("password-changed-notification")) {
205             String emailPasswordSentEnabled = ParamUtil.getString(
206                 req, "emailPasswordSentEnabled");
207             String emailPasswordSentSubject = ParamUtil.getString(
208                 req, "emailPasswordSentSubject");
209             String emailPasswordSentBody = ParamUtil.getString(
210                 req, "emailPasswordSentBody");
211 
212             if (Validator.isNull(emailPasswordSentSubject)) {
213                 SessionErrors.add(req, "emailPasswordSentSubject");
214             }
215             else if (Validator.isNull(emailPasswordSentBody)) {
216                 SessionErrors.add(req, "emailPasswordSentBody");
217             }
218             else {
219                 prefs.setValue(
220                     PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_ENABLED,
221                     emailPasswordSentEnabled);
222                 prefs.setValue(
223                     PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_SUBJECT,
224                     emailPasswordSentSubject);
225                 prefs.setValue(
226                     PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_BODY,
227                     emailPasswordSentBody);
228             }
229         }
230         else {
231             String emailFromName = ParamUtil.getString(req, "emailFromName");
232             String emailFromAddress = ParamUtil.getString(
233                 req, "emailFromAddress");
234 
235             if (Validator.isNull(emailFromName)) {
236                 SessionErrors.add(req, "emailFromName");
237             }
238             else if (!Validator.isEmailAddress(emailFromAddress)) {
239                 SessionErrors.add(req, "emailFromAddress");
240             }
241             else {
242                 prefs.setValue(PropsUtil.ADMIN_EMAIL_FROM_NAME, emailFromName);
243                 prefs.setValue(
244                     PropsUtil.ADMIN_EMAIL_FROM_ADDRESS, emailFromAddress);
245             }
246         }
247     }
248 
249     protected void updateLdap(ActionRequest req, PortletPreferences prefs)
250         throws Exception {
251 
252         boolean enabled = ParamUtil.getBoolean(req, "enabled");
253         boolean required = ParamUtil.getBoolean(req, "required");
254         String baseProviderURL = ParamUtil.getString(req, "baseProviderURL");
255         String baseDN = ParamUtil.getString(req, "baseDN");
256         String principal = ParamUtil.getString(req, "principal");
257         String credentials = ParamUtil.getString(req, "credentials");
258         String searchFilter = ParamUtil.getString(req, "searchFilter");
259         String passwordEncryptionAlgorithm = ParamUtil.getString(
260             req, "passwordEncryptionAlgorithm");
261         String userMappings = ParamUtil.getString(req, "userMappings");
262         boolean importEnabled = ParamUtil.getBoolean(req, "importEnabled");
263         boolean importOnStartup = ParamUtil.getBoolean(req, "importOnStartup");
264         long importInterval = ParamUtil.getLong(req, "importInterval");
265         String importUserSearchFilter = ParamUtil.getString(
266             req, "importUserSearchFilter");
267         String importGroupSearchFilter = ParamUtil.getString(
268             req, "importGroupSearchFilter");
269         boolean exportEnabled = ParamUtil.getBoolean(req, "exportEnabled");
270         String usersDn = ParamUtil.getString(req, "usersDn");
271         String userDefaultObjectClasses = ParamUtil.getString(
272             req, "userDefaultObjectClasses");
273         boolean passwordPolicyEnabled = ParamUtil.getBoolean(
274             req, "passwordPolicyEnabled");
275 
276         try {
277             if (enabled) {
278                 Properties env = new Properties();
279 
280                 env.put(
281                     Context.INITIAL_CONTEXT_FACTORY,
282                     PrefsPropsUtil.getString(PropsUtil.LDAP_FACTORY_INITIAL));
283                 env.put(
284                     Context.PROVIDER_URL,
285                     LDAPUtil.getFullProviderURL(baseProviderURL, baseDN));
286                 env.put(Context.SECURITY_PRINCIPAL, principal);
287                 env.put(Context.SECURITY_CREDENTIALS, credentials);
288 
289                 if (_log.isDebugEnabled()) {
290                     StringWriter sw = new StringWriter();
291 
292                     env.list(new PrintWriter(sw));
293 
294                     _log.debug(sw.getBuffer().toString());
295                 }
296 
297                 new InitialLdapContext(env, null);
298             }
299         }
300         catch (Exception e) {
301             SessionErrors.add(req, "ldapAuthentication");
302 
303             return;
304         }
305 
306         prefs.setValue(PropsUtil.LDAP_AUTH_ENABLED, String.valueOf(enabled));
307         prefs.setValue(PropsUtil.LDAP_AUTH_REQUIRED, String.valueOf(required));
308         prefs.setValue(PropsUtil.LDAP_BASE_PROVIDER_URL, baseProviderURL);
309         prefs.setValue(PropsUtil.LDAP_BASE_DN, baseDN);
310         prefs.setValue(PropsUtil.LDAP_SECURITY_PRINCIPAL, principal);
311         prefs.setValue(PropsUtil.LDAP_SECURITY_CREDENTIALS, credentials);
312         prefs.setValue(PropsUtil.LDAP_AUTH_SEARCH_FILTER, searchFilter);
313         prefs.setValue(
314             PropsUtil.LDAP_AUTH_PASSWORD_ENCRYPTION_ALGORITHM,
315             passwordEncryptionAlgorithm);
316         prefs.setValue(PropsUtil.LDAP_USER_MAPPINGS, userMappings);
317         prefs.setValue(
318             PropsUtil.LDAP_IMPORT_ENABLED, String.valueOf(importEnabled));
319         prefs.setValue(
320             PropsUtil.LDAP_IMPORT_ON_STARTUP, String.valueOf(importOnStartup));
321         prefs.setValue(
322             PropsUtil.LDAP_IMPORT_INTERVAL, String.valueOf(importInterval));
323         prefs.setValue(
324             PropsUtil.LDAP_IMPORT_USER_SEARCH_FILTER, importUserSearchFilter);
325         prefs.setValue(
326             PropsUtil.LDAP_IMPORT_GROUP_SEARCH_FILTER, importGroupSearchFilter);
327         prefs.setValue(
328             PropsUtil.LDAP_EXPORT_ENABLED, String.valueOf(exportEnabled));
329         prefs.setValue(PropsUtil.LDAP_USERS_DN, usersDn);
330         prefs.setValue(
331             PropsUtil.LDAP_USER_DEFAULT_OBJECT_CLASSES,
332             userDefaultObjectClasses);
333         prefs.setValue(
334             PropsUtil.LDAP_PASSWORD_POLICY_ENABLED,
335             String.valueOf(passwordPolicyEnabled));
336 
337         prefs.store();
338     }
339 
340     protected void updateMailHostNames(
341             ActionRequest req, PortletPreferences prefs)
342         throws Exception {
343 
344         String mailHostNames = ParamUtil.getString(req, "mailHostNames");
345 
346         prefs.setValue(PropsUtil.ADMIN_MAIL_HOST_NAMES, mailHostNames);
347     }
348 
349     protected void updateNtlm(
350             ActionRequest req, long companyId, PortletPreferences prefs)
351         throws Exception {
352 
353         boolean enabled = ParamUtil.getBoolean(req, "enabled");
354         String domainController = ParamUtil.getString(req, "domainController");
355         String domain = ParamUtil.getString(req, "domain");
356 
357         prefs.setValue(
358             PropsUtil.NTLM_AUTH_ENABLED, String.valueOf(enabled));
359         prefs.setValue(PropsUtil.NTLM_DOMAIN_CONTROLLER, domainController);
360         prefs.setValue(PropsUtil.NTLM_DOMAIN, domain);
361 
362         prefs.store();
363     }
364 
365     protected void updateOpenId(ActionRequest req, PortletPreferences prefs)
366         throws Exception {
367 
368         boolean enabled = ParamUtil.getBoolean(req, "enabled");
369 
370         prefs.setValue(PropsUtil.OPEN_ID_AUTH_ENABLED, String.valueOf(enabled));
371 
372         prefs.store();
373     }
374 
375     protected void updateOpenSSO(
376             ActionRequest req, long companyId, PortletPreferences prefs)
377         throws Exception {
378 
379         boolean enabled = ParamUtil.getBoolean(req, "enabled");
380         String loginUrl = ParamUtil.getString(req, "loginUrl");
381         String logoutUrl = ParamUtil.getString(req, "logoutUrl");
382         String serviceUrl = ParamUtil.getString(req, "serviceUrl");
383         String subjectCookieName = ParamUtil.getString(
384             req, "subjectCookieName");
385 
386         prefs.setValue(
387             PropsUtil.OPEN_SSO_AUTH_ENABLED, String.valueOf(enabled));
388         prefs.setValue(PropsUtil.OPEN_SSO_LOGIN_URL, loginUrl);
389         prefs.setValue(PropsUtil.OPEN_SSO_LOGOUT_URL, logoutUrl);
390         prefs.setValue(PropsUtil.OPEN_SSO_SERVICE_URL, serviceUrl);
391         prefs.setValue(
392             PropsUtil.OPEN_SSO_SUBJECT_COOKIE_NAME, subjectCookieName);
393 
394         prefs.store();
395     }
396 
397     protected void updateReservedUsers(
398             ActionRequest req, PortletPreferences prefs)
399         throws Exception {
400 
401         String reservedScreenNames = ParamUtil.getString(
402             req, "reservedScreenNames");
403         String reservedEmailAddresses = ParamUtil.getString(
404             req, "reservedEmailAddresses");
405 
406         prefs.setValue(
407             PropsUtil.ADMIN_RESERVED_SCREEN_NAMES, reservedScreenNames);
408         prefs.setValue(
409             PropsUtil.ADMIN_RESERVED_EMAIL_ADDRESSES, reservedEmailAddresses);
410     }
411 
412     protected void updateSecurity(ActionRequest req) throws Exception {
413         Company company = PortalUtil.getCompany(req);
414 
415         String authType = ParamUtil.getString(req, "authType");
416         boolean autoLogin = ParamUtil.getBoolean(req, "autoLogin");
417         boolean sendPassword = ParamUtil.getBoolean(req, "sendPassword");
418         boolean strangers = ParamUtil.getBoolean(req, "strangers");
419         boolean strangersWithMx = ParamUtil.getBoolean(req, "strangersWithMx");
420         boolean strangersVerify = ParamUtil.getBoolean(req, "strangersVerify");
421 
422         CompanyServiceUtil.updateSecurity(
423             company.getCompanyId(), authType, autoLogin, sendPassword,
424             strangers, strangersWithMx, strangersVerify,
425             company.isCommunityLogo());
426     }
427 
428     private static Log _log = LogFactory.getLog(EditSettingsAction.class);
429 
430 }