1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portal.service.impl;
16  
17  import com.liferay.portal.DuplicatePasswordPolicyException;
18  import com.liferay.portal.NoSuchPasswordPolicyRelException;
19  import com.liferay.portal.PasswordPolicyNameException;
20  import com.liferay.portal.RequiredPasswordPolicyException;
21  import com.liferay.portal.kernel.exception.PortalException;
22  import com.liferay.portal.kernel.exception.SystemException;
23  import com.liferay.portal.kernel.util.OrderByComparator;
24  import com.liferay.portal.kernel.util.StringPool;
25  import com.liferay.portal.kernel.util.Validator;
26  import com.liferay.portal.model.Organization;
27  import com.liferay.portal.model.PasswordPolicy;
28  import com.liferay.portal.model.PasswordPolicyRel;
29  import com.liferay.portal.model.ResourceConstants;
30  import com.liferay.portal.model.User;
31  import com.liferay.portal.security.ldap.LDAPSettingsUtil;
32  import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
33  import com.liferay.portal.util.PropsValues;
34  
35  import java.util.Date;
36  import java.util.List;
37  
38  /**
39   * <a href="PasswordPolicyLocalServiceImpl.java.html"><b><i>View Source</i></b>
40   * </a>
41   *
42   * @author Scott Lee
43   */
44  public class PasswordPolicyLocalServiceImpl
45      extends PasswordPolicyLocalServiceBaseImpl {
46  
47      public PasswordPolicy addPasswordPolicy(
48              long userId, boolean defaultPolicy, String name, String description,
49              boolean changeable, boolean changeRequired, long minAge,
50              boolean checkSyntax, boolean allowDictionaryWords,
51              int minAlphanumeric, int minLength, int minLowerCase,
52              int minNumbers, int minSymbols, int minUpperCase, boolean history,
53              int historyCount, boolean expireable, long maxAge, long warningTime,
54              int graceLimit, boolean lockout, int maxFailure,
55              long lockoutDuration, long resetFailureCount,
56              long resetTicketMaxAge)
57          throws PortalException, SystemException {
58  
59          // Password policy
60  
61          User user = userPersistence.findByPrimaryKey(userId);
62          Date now = new Date();
63  
64          validate(0, user.getCompanyId(), name);
65  
66          long passwordPolicyId = counterLocalService.increment();
67  
68          PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
69              passwordPolicyId);
70  
71          passwordPolicy.setUserId(userId);
72          passwordPolicy.setCompanyId(user.getCompanyId());
73          passwordPolicy.setUserName(user.getFullName());
74          passwordPolicy.setCreateDate(now);
75          passwordPolicy.setModifiedDate(now);
76          passwordPolicy.setDefaultPolicy(defaultPolicy);
77          passwordPolicy.setName(name);
78          passwordPolicy.setDescription(description);
79          passwordPolicy.setChangeable(changeable);
80          passwordPolicy.setChangeRequired(changeRequired);
81          passwordPolicy.setMinAge(minAge);
82          passwordPolicy.setCheckSyntax(checkSyntax);
83          passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
84          passwordPolicy.setMinAlphanumeric(minAlphanumeric);
85          passwordPolicy.setMinLength(minLength);
86          passwordPolicy.setMinLowerCase(minLowerCase);
87          passwordPolicy.setMinNumbers(minNumbers);
88          passwordPolicy.setMinSymbols(minSymbols);
89          passwordPolicy.setMinUpperCase(minUpperCase);
90          passwordPolicy.setHistory(history);
91          passwordPolicy.setHistoryCount(historyCount);
92          passwordPolicy.setExpireable(expireable);
93          passwordPolicy.setMaxAge(maxAge);
94          passwordPolicy.setWarningTime(warningTime);
95          passwordPolicy.setGraceLimit(graceLimit);
96          passwordPolicy.setLockout(lockout);
97          passwordPolicy.setMaxFailure(maxFailure);
98          passwordPolicy.setLockoutDuration(lockoutDuration);
99          passwordPolicy.setRequireUnlock(lockoutDuration == 0);
100         passwordPolicy.setResetFailureCount(resetFailureCount);
101         passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
102 
103         passwordPolicyPersistence.update(passwordPolicy, false);
104 
105         // Resources
106 
107         if (!user.isDefaultUser()) {
108             resourceLocalService.addResources(
109                 user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
110                 passwordPolicy.getPasswordPolicyId(), false, false, false);
111         }
112 
113         return passwordPolicy;
114     }
115 
116     public void checkDefaultPasswordPolicy(long companyId)
117         throws PortalException, SystemException {
118 
119         String defaultPasswordPolicyName =
120             PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
121 
122         PasswordPolicy defaultPasswordPolicy =
123             passwordPolicyPersistence.fetchByC_N(
124                 companyId, defaultPasswordPolicyName);
125 
126         if (defaultPasswordPolicy == null) {
127             long defaultUserId = userLocalService.getDefaultUserId(companyId);
128 
129             addPasswordPolicy(
130                 defaultUserId, true, defaultPasswordPolicyName,
131                 defaultPasswordPolicyName, true, false, 0, false, true, 0, 6,
132                 0, 1, 0, 1, false, 6, false, 8640000, 86400, 0, false, 3, 0,
133                 600, 86400);
134         }
135     }
136 
137     public void deletePasswordPolicy(long passwordPolicyId)
138         throws PortalException, SystemException {
139 
140         PasswordPolicy passwordPolicy =
141             passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
142 
143         if (passwordPolicy.isDefaultPolicy()) {
144             throw new RequiredPasswordPolicyException();
145         }
146 
147         // Password policy relations
148 
149         passwordPolicyRelLocalService.deletePasswordPolicyRels(
150             passwordPolicyId);
151 
152         // Resources
153 
154         resourceLocalService.deleteResource(
155             passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
156             ResourceConstants.SCOPE_INDIVIDUAL,
157             passwordPolicy.getPasswordPolicyId());
158 
159         // Password policy
160 
161         passwordPolicyPersistence.remove(passwordPolicy);
162     }
163 
164     public PasswordPolicy getDefaultPasswordPolicy(long companyId)
165         throws PortalException, SystemException {
166 
167         if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
168             return null;
169         }
170 
171         return passwordPolicyPersistence.findByC_DP(companyId, true);
172     }
173 
174     public PasswordPolicy getPasswordPolicy(long passwordPolicyId)
175         throws PortalException, SystemException {
176 
177         return passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
178     }
179 
180     /**
181      * @deprecated
182      */
183     public PasswordPolicy getPasswordPolicy(
184             long companyId, long organizationId, long locationId)
185         throws PortalException, SystemException {
186 
187         return getPasswordPolicy(
188             companyId, new long[] {organizationId, locationId});
189     }
190 
191     public PasswordPolicy getPasswordPolicy(
192             long companyId, long[] organizationIds)
193         throws PortalException, SystemException {
194 
195         if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
196             return null;
197         }
198 
199         if ((organizationIds == null) || (organizationIds.length == 0)) {
200             return getDefaultPasswordPolicy(companyId);
201         }
202 
203         PasswordPolicyRel passwordPolicyRel = null;
204 
205         for (int i = 0; i < organizationIds.length; i++) {
206             long organizationId = organizationIds[i];
207 
208             try {
209                 passwordPolicyRel =
210                     passwordPolicyRelLocalService.getPasswordPolicyRel(
211                         Organization.class.getName(), organizationId);
212 
213                 return getPasswordPolicy(
214                     passwordPolicyRel.getPasswordPolicyId());
215             }
216             catch (NoSuchPasswordPolicyRelException nsppre) {
217             }
218         }
219 
220         return getDefaultPasswordPolicy(companyId);
221     }
222 
223     public PasswordPolicy getPasswordPolicyByUserId(long userId)
224         throws PortalException, SystemException {
225 
226         User user = userPersistence.findByPrimaryKey(userId);
227 
228         if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
229             return null;
230         }
231 
232         PasswordPolicyRel passwordPolicyRel = null;
233 
234         // Check for password policy specifically assigned to this user
235 
236         try {
237             passwordPolicyRel =
238                 passwordPolicyRelLocalService.getPasswordPolicyRel(
239                     User.class.getName(), userId);
240 
241             return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
242         }
243         catch (NoSuchPasswordPolicyRelException nsppre) {
244         }
245 
246         long[] organizationIds = user.getOrganizationIds();
247 
248         return getPasswordPolicy(user.getCompanyId(), organizationIds);
249     }
250 
251     public List<PasswordPolicy> search(
252             long companyId, String name, int start, int end,
253             OrderByComparator obc)
254         throws SystemException {
255 
256         return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
257     }
258 
259     public int searchCount(long companyId, String name)
260         throws SystemException {
261 
262         return passwordPolicyFinder.countByC_N(companyId, name);
263     }
264 
265     public PasswordPolicy updatePasswordPolicy(
266             long passwordPolicyId, String name, String description,
267             boolean changeable, boolean changeRequired, long minAge,
268             boolean checkSyntax, boolean allowDictionaryWords,
269             int minAlphanumeric, int minLength, int minLowerCase,
270             int minNumbers, int minSymbols, int minUpperCase, boolean history,
271             int historyCount, boolean expireable, long maxAge,
272             long warningTime, int graceLimit, boolean lockout, int maxFailure,
273             long lockoutDuration, long resetFailureCount,
274             long resetTicketMaxAge)
275         throws PortalException, SystemException {
276 
277         Date now = new Date();
278 
279         PasswordPolicy passwordPolicy =
280             passwordPolicyPersistence.findByPrimaryKey(
281                 passwordPolicyId);
282 
283         if (!passwordPolicy.getDefaultPolicy()) {
284             validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
285 
286             passwordPolicy.setName(name);
287         }
288 
289         passwordPolicy.setModifiedDate(now);
290         passwordPolicy.setDescription(description);
291         passwordPolicy.setChangeable(changeable);
292         passwordPolicy.setChangeRequired(changeRequired);
293         passwordPolicy.setMinAge(minAge);
294         passwordPolicy.setCheckSyntax(checkSyntax);
295         passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
296         passwordPolicy.setMinAlphanumeric(minAlphanumeric);
297         passwordPolicy.setMinLength(minLength);
298         passwordPolicy.setMinLowerCase(minLowerCase);
299         passwordPolicy.setMinNumbers(minNumbers);
300         passwordPolicy.setMinSymbols(minSymbols);
301         passwordPolicy.setMinUpperCase(minUpperCase);
302         passwordPolicy.setHistory(history);
303         passwordPolicy.setHistoryCount(historyCount);
304         passwordPolicy.setExpireable(expireable);
305         passwordPolicy.setMaxAge(maxAge);
306         passwordPolicy.setWarningTime(warningTime);
307         passwordPolicy.setGraceLimit(graceLimit);
308         passwordPolicy.setLockout(lockout);
309         passwordPolicy.setMaxFailure(maxFailure);
310         passwordPolicy.setLockoutDuration(lockoutDuration);
311         passwordPolicy.setRequireUnlock(lockoutDuration == 0);
312         passwordPolicy.setResetFailureCount(resetFailureCount);
313         passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
314 
315         passwordPolicyPersistence.update(passwordPolicy, false);
316 
317         return passwordPolicy;
318     }
319 
320     protected void validate(long passwordPolicyId, long companyId, String name)
321         throws PortalException, SystemException {
322 
323         if ((Validator.isNull(name)) || (Validator.isNumber(name)) ||
324             (name.indexOf(StringPool.COMMA) != -1) ||
325             (name.indexOf(StringPool.STAR) != -1)) {
326 
327             throw new PasswordPolicyNameException();
328         }
329 
330         PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
331             companyId, name);
332 
333         if (passwordPolicy != null) {
334             if ((passwordPolicyId <= 0) ||
335                 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
336 
337                 throw new DuplicatePasswordPolicyException();
338             }
339         }
340     }
341 
342 }