1
22
23 package com.liferay.portlet.enterpriseadmin.action;
24
25 import com.liferay.portal.kernel.util.Constants;
26 import com.liferay.portal.kernel.util.ParamUtil;
27 import com.liferay.portal.kernel.util.Validator;
28 import com.liferay.portal.model.Company;
29 import com.liferay.portal.model.impl.RoleImpl;
30 import com.liferay.portal.security.auth.PrincipalException;
31 import com.liferay.portal.service.CompanyServiceUtil;
32 import com.liferay.portal.service.RoleLocalServiceUtil;
33 import com.liferay.portal.servlet.filters.sso.cas.CASFilter;
34 import com.liferay.portal.struts.PortletAction;
35 import com.liferay.portal.util.PortalUtil;
36 import com.liferay.portal.util.PrefsPropsUtil;
37 import com.liferay.portal.util.PropsUtil;
38 import com.liferay.util.ldap.LDAPUtil;
39 import com.liferay.util.servlet.SessionErrors;
40
41 import java.io.PrintWriter;
42 import java.io.StringWriter;
43
44 import java.util.Properties;
45
46 import javax.naming.Context;
47 import javax.naming.ldap.InitialLdapContext;
48
49 import javax.portlet.ActionRequest;
50 import javax.portlet.ActionResponse;
51 import javax.portlet.PortletConfig;
52 import javax.portlet.PortletPreferences;
53
54 import org.apache.commons.logging.Log;
55 import org.apache.commons.logging.LogFactory;
56 import org.apache.struts.action.ActionForm;
57 import org.apache.struts.action.ActionMapping;
58
59
65 public class EditSettingsAction extends PortletAction {
66
67 public void processAction(
68 ActionMapping mapping, ActionForm form, PortletConfig config,
69 ActionRequest req, ActionResponse res)
70 throws Exception {
71
72 long companyId = PortalUtil.getCompanyId(req);
73 long userId = PortalUtil.getUserId(req);
74
75 if (!RoleLocalServiceUtil.hasUserRole(
76 userId, companyId, RoleImpl.ADMINISTRATOR, true)) {
77
78 SessionErrors.add(req, PrincipalException.class.getName());
79
80 setForward(req, "portlet.enterprise_admin.error");
81
82 return;
83 }
84
85 PortletPreferences prefs = PrefsPropsUtil.getPreferences(companyId);
86
87 String cmd = ParamUtil.getString(req, Constants.CMD);
88
89 if (cmd.equals("updateCAS")) {
90 updateCAS(req, companyId, prefs);
91 }
92 else if (cmd.equals("updateDefaultGroupsAndRoles")) {
93 updateDefaultGroupsAndRoles(req, prefs);
94 }
95 else if (cmd.equals("updateEmails")) {
96 updateEmails(req, prefs);
97 }
98 else if (cmd.equals("updateLdap")) {
99 updateLdap(req, prefs);
100 }
101 else if (cmd.equals("updateMailHostNames")) {
102 updateMailHostNames(req, prefs);
103 }
104 else if (cmd.equals("updateNtlm")) {
105 updateNtlm(req, companyId, prefs);
106 }
107 else if (cmd.equals("updateOpenId")) {
108 updateOpenId(req, prefs);
109 }
110 else if (cmd.equals("updateOpenSSO")) {
111 updateOpenSSO(req, companyId, prefs);
112 }
113 else if (cmd.equals("updateReservedUsers")) {
114 updateReservedUsers(req, prefs);
115 }
116 else if (cmd.equals("updateSecurity")) {
117 updateSecurity(req);
118 }
119
120 if (SessionErrors.isEmpty(req)) {
121 if (!cmd.equals("updateLdap") && !cmd.equals("updateSecurity")) {
122 prefs.store();
123 }
124
125 sendRedirect(req, res);
126 }
127 else {
128 setForward(req, "portlet.enterprise_admin.view");
129 }
130 }
131
132 protected void updateCAS(
133 ActionRequest req, long companyId, PortletPreferences prefs)
134 throws Exception {
135
136 boolean enabled = ParamUtil.getBoolean(req, "enabled");
137 boolean importFromLdap = ParamUtil.getBoolean(req, "importFromLdap");
138 String loginUrl = ParamUtil.getString(req, "loginUrl");
139 String logoutUrl = ParamUtil.getString(req, "logoutUrl");
140 String serviceUrl = ParamUtil.getString(req, "serviceUrl");
141 String validateUrl = ParamUtil.getString(req, "validateUrl");
142
143 prefs.setValue(
144 PropsUtil.CAS_AUTH_ENABLED, String.valueOf(enabled));
145 prefs.setValue(
146 PropsUtil.CAS_IMPORT_FROM_LDAP, String.valueOf(importFromLdap));
147 prefs.setValue(PropsUtil.CAS_LOGIN_URL, loginUrl);
148 prefs.setValue(PropsUtil.CAS_LOGOUT_URL, logoutUrl);
149 prefs.setValue(PropsUtil.CAS_SERVICE_URL, serviceUrl);
150 prefs.setValue(PropsUtil.CAS_VALIDATE_URL, validateUrl);
151
152 prefs.store();
153
154 CASFilter.reload(companyId);
155 }
156
157 protected void updateDefaultGroupsAndRoles(
158 ActionRequest req, PortletPreferences prefs)
159 throws Exception {
160
161 String defaultGroupNames = ParamUtil.getString(
162 req, "defaultGroupNames");
163 String defaultRoleNames = ParamUtil.getString(req, "defaultRoleNames");
164 String defaultUserGroupNames = ParamUtil.getString(
165 req, "defaultUserGroupNames");
166
167 prefs.setValue(PropsUtil.ADMIN_DEFAULT_GROUP_NAMES, defaultGroupNames);
168 prefs.setValue(PropsUtil.ADMIN_DEFAULT_ROLE_NAMES, defaultRoleNames);
169 prefs.setValue(
170 PropsUtil.ADMIN_DEFAULT_USER_GROUP_NAMES, defaultUserGroupNames);
171 }
172
173 protected void updateEmails(
174 ActionRequest req, PortletPreferences prefs)
175 throws Exception {
176
177 String tabs3 = ParamUtil.getString(req, "tabs3");
178
179 if (tabs3.equals("account-created-notification")) {
180 String emailUserAddedEnabled = ParamUtil.getString(
181 req, "emailUserAddedEnabled");
182 String emailUserAddedSubject = ParamUtil.getString(
183 req, "emailUserAddedSubject");
184 String emailUserAddedBody = ParamUtil.getString(
185 req, "emailUserAddedBody");
186
187 if (Validator.isNull(emailUserAddedSubject)) {
188 SessionErrors.add(req, "emailUserAddedSubject");
189 }
190 else if (Validator.isNull(emailUserAddedBody)) {
191 SessionErrors.add(req, "emailUserAddedBody");
192 }
193 else {
194 prefs.setValue(
195 PropsUtil.ADMIN_EMAIL_USER_ADDED_ENABLED,
196 emailUserAddedEnabled);
197 prefs.setValue(
198 PropsUtil.ADMIN_EMAIL_USER_ADDED_SUBJECT,
199 emailUserAddedSubject);
200 prefs.setValue(
201 PropsUtil.ADMIN_EMAIL_USER_ADDED_BODY, emailUserAddedBody);
202 }
203 }
204 else if (tabs3.equals("password-changed-notification")) {
205 String emailPasswordSentEnabled = ParamUtil.getString(
206 req, "emailPasswordSentEnabled");
207 String emailPasswordSentSubject = ParamUtil.getString(
208 req, "emailPasswordSentSubject");
209 String emailPasswordSentBody = ParamUtil.getString(
210 req, "emailPasswordSentBody");
211
212 if (Validator.isNull(emailPasswordSentSubject)) {
213 SessionErrors.add(req, "emailPasswordSentSubject");
214 }
215 else if (Validator.isNull(emailPasswordSentBody)) {
216 SessionErrors.add(req, "emailPasswordSentBody");
217 }
218 else {
219 prefs.setValue(
220 PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_ENABLED,
221 emailPasswordSentEnabled);
222 prefs.setValue(
223 PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_SUBJECT,
224 emailPasswordSentSubject);
225 prefs.setValue(
226 PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_BODY,
227 emailPasswordSentBody);
228 }
229 }
230 else {
231 String emailFromName = ParamUtil.getString(req, "emailFromName");
232 String emailFromAddress = ParamUtil.getString(
233 req, "emailFromAddress");
234
235 if (Validator.isNull(emailFromName)) {
236 SessionErrors.add(req, "emailFromName");
237 }
238 else if (!Validator.isEmailAddress(emailFromAddress)) {
239 SessionErrors.add(req, "emailFromAddress");
240 }
241 else {
242 prefs.setValue(PropsUtil.ADMIN_EMAIL_FROM_NAME, emailFromName);
243 prefs.setValue(
244 PropsUtil.ADMIN_EMAIL_FROM_ADDRESS, emailFromAddress);
245 }
246 }
247 }
248
249 protected void updateLdap(ActionRequest req, PortletPreferences prefs)
250 throws Exception {
251
252 boolean enabled = ParamUtil.getBoolean(req, "enabled");
253 boolean required = ParamUtil.getBoolean(req, "required");
254 String baseProviderURL = ParamUtil.getString(req, "baseProviderURL");
255 String baseDN = ParamUtil.getString(req, "baseDN");
256 String principal = ParamUtil.getString(req, "principal");
257 String credentials = ParamUtil.getString(req, "credentials");
258 String searchFilter = ParamUtil.getString(req, "searchFilter");
259 String passwordEncryptionAlgorithm = ParamUtil.getString(
260 req, "passwordEncryptionAlgorithm");
261 String userMappings = ParamUtil.getString(req, "userMappings");
262 boolean importEnabled = ParamUtil.getBoolean(req, "importEnabled");
263 boolean importOnStartup = ParamUtil.getBoolean(req, "importOnStartup");
264 long importInterval = ParamUtil.getLong(req, "importInterval");
265 String importUserSearchFilter = ParamUtil.getString(
266 req, "importUserSearchFilter");
267 String importGroupSearchFilter = ParamUtil.getString(
268 req, "importGroupSearchFilter");
269 boolean exportEnabled = ParamUtil.getBoolean(req, "exportEnabled");
270 String usersDn = ParamUtil.getString(req, "usersDn");
271 String userDefaultObjectClasses = ParamUtil.getString(
272 req, "userDefaultObjectClasses");
273 boolean passwordPolicyEnabled = ParamUtil.getBoolean(
274 req, "passwordPolicyEnabled");
275
276 try {
277 if (enabled) {
278 Properties env = new Properties();
279
280 env.put(
281 Context.INITIAL_CONTEXT_FACTORY,
282 PrefsPropsUtil.getString(PropsUtil.LDAP_FACTORY_INITIAL));
283 env.put(
284 Context.PROVIDER_URL,
285 LDAPUtil.getFullProviderURL(baseProviderURL, baseDN));
286 env.put(Context.SECURITY_PRINCIPAL, principal);
287 env.put(Context.SECURITY_CREDENTIALS, credentials);
288
289 if (_log.isDebugEnabled()) {
290 StringWriter sw = new StringWriter();
291
292 env.list(new PrintWriter(sw));
293
294 _log.debug(sw.getBuffer().toString());
295 }
296
297 new InitialLdapContext(env, null);
298 }
299 }
300 catch (Exception e) {
301 SessionErrors.add(req, "ldapAuthentication");
302
303 return;
304 }
305
306 prefs.setValue(PropsUtil.LDAP_AUTH_ENABLED, String.valueOf(enabled));
307 prefs.setValue(PropsUtil.LDAP_AUTH_REQUIRED, String.valueOf(required));
308 prefs.setValue(PropsUtil.LDAP_BASE_PROVIDER_URL, baseProviderURL);
309 prefs.setValue(PropsUtil.LDAP_BASE_DN, baseDN);
310 prefs.setValue(PropsUtil.LDAP_SECURITY_PRINCIPAL, principal);
311 prefs.setValue(PropsUtil.LDAP_SECURITY_CREDENTIALS, credentials);
312 prefs.setValue(PropsUtil.LDAP_AUTH_SEARCH_FILTER, searchFilter);
313 prefs.setValue(
314 PropsUtil.LDAP_AUTH_PASSWORD_ENCRYPTION_ALGORITHM,
315 passwordEncryptionAlgorithm);
316 prefs.setValue(PropsUtil.LDAP_USER_MAPPINGS, userMappings);
317 prefs.setValue(
318 PropsUtil.LDAP_IMPORT_ENABLED, String.valueOf(importEnabled));
319 prefs.setValue(
320 PropsUtil.LDAP_IMPORT_ON_STARTUP, String.valueOf(importOnStartup));
321 prefs.setValue(
322 PropsUtil.LDAP_IMPORT_INTERVAL, String.valueOf(importInterval));
323 prefs.setValue(
324 PropsUtil.LDAP_IMPORT_USER_SEARCH_FILTER, importUserSearchFilter);
325 prefs.setValue(
326 PropsUtil.LDAP_IMPORT_GROUP_SEARCH_FILTER, importGroupSearchFilter);
327 prefs.setValue(
328 PropsUtil.LDAP_EXPORT_ENABLED, String.valueOf(exportEnabled));
329 prefs.setValue(PropsUtil.LDAP_USERS_DN, usersDn);
330 prefs.setValue(
331 PropsUtil.LDAP_USER_DEFAULT_OBJECT_CLASSES,
332 userDefaultObjectClasses);
333 prefs.setValue(
334 PropsUtil.LDAP_PASSWORD_POLICY_ENABLED,
335 String.valueOf(passwordPolicyEnabled));
336
337 prefs.store();
338 }
339
340 protected void updateMailHostNames(
341 ActionRequest req, PortletPreferences prefs)
342 throws Exception {
343
344 String mailHostNames = ParamUtil.getString(req, "mailHostNames");
345
346 prefs.setValue(PropsUtil.ADMIN_MAIL_HOST_NAMES, mailHostNames);
347 }
348
349 protected void updateNtlm(
350 ActionRequest req, long companyId, PortletPreferences prefs)
351 throws Exception {
352
353 boolean enabled = ParamUtil.getBoolean(req, "enabled");
354 String domainController = ParamUtil.getString(req, "domainController");
355 String domain = ParamUtil.getString(req, "domain");
356
357 prefs.setValue(
358 PropsUtil.NTLM_AUTH_ENABLED, String.valueOf(enabled));
359 prefs.setValue(PropsUtil.NTLM_DOMAIN_CONTROLLER, domainController);
360 prefs.setValue(PropsUtil.NTLM_DOMAIN, domain);
361
362 prefs.store();
363 }
364
365 protected void updateOpenId(ActionRequest req, PortletPreferences prefs)
366 throws Exception {
367
368 boolean enabled = ParamUtil.getBoolean(req, "enabled");
369
370 prefs.setValue(PropsUtil.OPEN_ID_AUTH_ENABLED, String.valueOf(enabled));
371
372 prefs.store();
373 }
374
375 protected void updateOpenSSO(
376 ActionRequest req, long companyId, PortletPreferences prefs)
377 throws Exception {
378
379 boolean enabled = ParamUtil.getBoolean(req, "enabled");
380 String loginUrl = ParamUtil.getString(req, "loginUrl");
381 String logoutUrl = ParamUtil.getString(req, "logoutUrl");
382 String serviceUrl = ParamUtil.getString(req, "serviceUrl");
383 String subjectCookieName = ParamUtil.getString(
384 req, "subjectCookieName");
385
386 prefs.setValue(
387 PropsUtil.OPEN_SSO_AUTH_ENABLED, String.valueOf(enabled));
388 prefs.setValue(PropsUtil.OPEN_SSO_LOGIN_URL, loginUrl);
389 prefs.setValue(PropsUtil.OPEN_SSO_LOGOUT_URL, logoutUrl);
390 prefs.setValue(PropsUtil.OPEN_SSO_SERVICE_URL, serviceUrl);
391 prefs.setValue(
392 PropsUtil.OPEN_SSO_SUBJECT_COOKIE_NAME, subjectCookieName);
393
394 prefs.store();
395 }
396
397 protected void updateReservedUsers(
398 ActionRequest req, PortletPreferences prefs)
399 throws Exception {
400
401 String reservedScreenNames = ParamUtil.getString(
402 req, "reservedScreenNames");
403 String reservedEmailAddresses = ParamUtil.getString(
404 req, "reservedEmailAddresses");
405
406 prefs.setValue(
407 PropsUtil.ADMIN_RESERVED_SCREEN_NAMES, reservedScreenNames);
408 prefs.setValue(
409 PropsUtil.ADMIN_RESERVED_EMAIL_ADDRESSES, reservedEmailAddresses);
410 }
411
412 protected void updateSecurity(ActionRequest req) throws Exception {
413 Company company = PortalUtil.getCompany(req);
414
415 String authType = ParamUtil.getString(req, "authType");
416 boolean autoLogin = ParamUtil.getBoolean(req, "autoLogin");
417 boolean sendPassword = ParamUtil.getBoolean(req, "sendPassword");
418 boolean strangers = ParamUtil.getBoolean(req, "strangers");
419 boolean strangersWithMx = ParamUtil.getBoolean(req, "strangersWithMx");
420 boolean strangersVerify = ParamUtil.getBoolean(req, "strangersVerify");
421
422 CompanyServiceUtil.updateSecurity(
423 company.getCompanyId(), authType, autoLogin, sendPassword,
424 strangers, strangersWithMx, strangersVerify,
425 company.isCommunityLogo());
426 }
427
428 private static Log _log = LogFactory.getLog(EditSettingsAction.class);
429
430 }