1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
12   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
14   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
15   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
16   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
17   * SOFTWARE.
18   */
19  
20  package com.liferay.portal.service.impl;
21  
22  import com.liferay.portal.DuplicatePasswordPolicyException;
23  import com.liferay.portal.NoSuchPasswordPolicyRelException;
24  import com.liferay.portal.PasswordPolicyNameException;
25  import com.liferay.portal.PortalException;
26  import com.liferay.portal.RequiredPasswordPolicyException;
27  import com.liferay.portal.SystemException;
28  import com.liferay.portal.kernel.util.OrderByComparator;
29  import com.liferay.portal.kernel.util.StringPool;
30  import com.liferay.portal.kernel.util.Validator;
31  import com.liferay.portal.model.Organization;
32  import com.liferay.portal.model.PasswordPolicy;
33  import com.liferay.portal.model.PasswordPolicyRel;
34  import com.liferay.portal.model.ResourceConstants;
35  import com.liferay.portal.model.User;
36  import com.liferay.portal.security.ldap.PortalLDAPUtil;
37  import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
38  import com.liferay.portal.util.PropsValues;
39  
40  import java.util.Date;
41  import java.util.List;
42  
43  /**
44   * <a href="PasswordPolicyLocalServiceImpl.java.html"><b><i>View Source</i></b>
45   * </a>
46   *
47   * @author Scott Lee
48   *
49   */
50  public class PasswordPolicyLocalServiceImpl
51      extends PasswordPolicyLocalServiceBaseImpl {
52  
53      public PasswordPolicy addPasswordPolicy(
54              long userId, boolean defaultPolicy, String name, String description,
55              boolean changeable, boolean changeRequired, long minAge,
56              boolean checkSyntax, boolean allowDictionaryWords, int minLength,
57              boolean history, int historyCount, boolean expireable, long maxAge,
58              long warningTime, int graceLimit, boolean lockout, int maxFailure,
59              long lockoutDuration, long resetFailureCount)
60          throws PortalException, SystemException {
61  
62          // Password policy
63  
64          User user = userPersistence.findByPrimaryKey(userId);
65          Date now = new Date();
66  
67          validate(0, user.getCompanyId(), name);
68  
69          long passwordPolicyId = counterLocalService.increment();
70  
71          PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
72              passwordPolicyId);
73  
74          passwordPolicy.setUserId(userId);
75          passwordPolicy.setCompanyId(user.getCompanyId());
76          passwordPolicy.setUserName(user.getFullName());
77          passwordPolicy.setCreateDate(now);
78          passwordPolicy.setModifiedDate(now);
79          passwordPolicy.setDefaultPolicy(defaultPolicy);
80          passwordPolicy.setName(name);
81          passwordPolicy.setDescription(description);
82          passwordPolicy.setChangeable(changeable);
83          passwordPolicy.setChangeRequired(changeRequired);
84          passwordPolicy.setMinAge(minAge);
85          passwordPolicy.setCheckSyntax(checkSyntax);
86          passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
87          passwordPolicy.setMinLength(minLength);
88          passwordPolicy.setHistory(history);
89          passwordPolicy.setHistoryCount(historyCount);
90          passwordPolicy.setExpireable(expireable);
91          passwordPolicy.setMaxAge(maxAge);
92          passwordPolicy.setWarningTime(warningTime);
93          passwordPolicy.setGraceLimit(graceLimit);
94          passwordPolicy.setLockout(lockout);
95          passwordPolicy.setMaxFailure(maxFailure);
96          passwordPolicy.setLockoutDuration(lockoutDuration);
97          passwordPolicy.setRequireUnlock(lockoutDuration == 0);
98          passwordPolicy.setResetFailureCount(resetFailureCount);
99  
100         passwordPolicyPersistence.update(passwordPolicy, false);
101 
102         // Resources
103 
104         if (!user.isDefaultUser()) {
105             resourceLocalService.addResources(
106                 user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
107                 passwordPolicy.getPasswordPolicyId(), false, false, false);
108         }
109 
110         return passwordPolicy;
111     }
112 
113     public void checkDefaultPasswordPolicy(long companyId)
114         throws PortalException, SystemException {
115 
116         String defaultPasswordPolicyName =
117             PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
118 
119         PasswordPolicy defaultPasswordPolicy =
120             passwordPolicyPersistence.fetchByC_N(
121                 companyId, defaultPasswordPolicyName);
122 
123         if (defaultPasswordPolicy == null) {
124             long defaultUserId = userLocalService.getDefaultUserId(companyId);
125 
126             addPasswordPolicy(
127                 defaultUserId, true, defaultPasswordPolicyName,
128                 defaultPasswordPolicyName, true, false, 0, false, true, 6,
129                 false, 6, false, 8640000, 86400, 0, false, 3, 0, 600);
130         }
131     }
132 
133     public void deletePasswordPolicy(long passwordPolicyId)
134         throws PortalException, SystemException {
135 
136         PasswordPolicy passwordPolicy =
137             passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
138 
139         if (passwordPolicy.isDefaultPolicy()) {
140             throw new RequiredPasswordPolicyException();
141         }
142 
143         // Resources
144 
145         resourceLocalService.deleteResource(
146             passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
147             ResourceConstants.SCOPE_INDIVIDUAL,
148             passwordPolicy.getPasswordPolicyId());
149 
150         // Password policy
151 
152         passwordPolicyPersistence.remove(passwordPolicy);
153     }
154 
155     public PasswordPolicy getDefaultPasswordPolicy(long companyId)
156         throws PortalException, SystemException {
157 
158         if (PortalLDAPUtil.isPasswordPolicyEnabled(companyId)) {
159             return null;
160         }
161 
162         return passwordPolicyPersistence.findByC_DP(companyId, true);
163     }
164 
165     public PasswordPolicy getPasswordPolicy(long passwordPolicyId)
166         throws PortalException, SystemException {
167 
168         return passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
169     }
170 
171     /**
172      * @deprecated
173      */
174     public PasswordPolicy getPasswordPolicy(
175             long companyId, long organizationId, long locationId)
176         throws PortalException, SystemException {
177 
178         return getPasswordPolicy(
179             companyId, new long[] {organizationId, locationId});
180     }
181 
182     public PasswordPolicy getPasswordPolicy(
183             long companyId, long[] organizationIds)
184         throws PortalException, SystemException {
185 
186         if (PortalLDAPUtil.isPasswordPolicyEnabled(companyId)) {
187             return null;
188         }
189 
190         PasswordPolicyRel passwordPolicyRel = null;
191 
192         // Check for password policy specifically assigned to any of the
193         // organizations
194 
195         for (int i = 0; i < organizationIds.length; i++) {
196             long organizationId = organizationIds[i];
197 
198             try {
199                 passwordPolicyRel =
200                     passwordPolicyRelLocalService.getPasswordPolicyRel(
201                         Organization.class.getName(), organizationId);
202 
203                 return getPasswordPolicy(
204                     passwordPolicyRel.getPasswordPolicyId());
205             }
206             catch (NoSuchPasswordPolicyRelException nsppre) {
207             }
208         }
209 
210         // Get default password policy
211 
212         return getDefaultPasswordPolicy(companyId);
213     }
214 
215     public PasswordPolicy getPasswordPolicyByUserId(long userId)
216         throws PortalException, SystemException {
217 
218         User user = userPersistence.findByPrimaryKey(userId);
219 
220         if (PortalLDAPUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
221             return null;
222         }
223 
224         PasswordPolicyRel passwordPolicyRel = null;
225 
226         // Check for password policy specifically assigned to this user
227 
228         try {
229             passwordPolicyRel =
230                 passwordPolicyRelLocalService.getPasswordPolicyRel(
231                     User.class.getName(), userId);
232 
233             return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
234         }
235         catch (NoSuchPasswordPolicyRelException nsppre) {
236         }
237 
238         long[] organizationIds = user.getOrganizationIds();
239 
240         return getPasswordPolicy(user.getCompanyId(), organizationIds);
241     }
242 
243     public List<PasswordPolicy> search(
244             long companyId, String name, int start, int end,
245             OrderByComparator obc)
246         throws SystemException {
247 
248         return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
249     }
250 
251     public int searchCount(long companyId, String name)
252         throws SystemException {
253 
254         return passwordPolicyFinder.countByC_N(companyId, name);
255     }
256 
257     public PasswordPolicy updatePasswordPolicy(
258             long passwordPolicyId, String name, String description,
259             boolean changeable, boolean changeRequired, long minAge,
260             boolean checkSyntax, boolean allowDictionaryWords, int minLength,
261             boolean history, int historyCount, boolean expireable, long maxAge,
262             long warningTime, int graceLimit, boolean lockout, int maxFailure,
263             long lockoutDuration, long resetFailureCount)
264         throws PortalException, SystemException {
265 
266         Date now = new Date();
267 
268         PasswordPolicy passwordPolicy =
269             passwordPolicyPersistence.findByPrimaryKey(
270                 passwordPolicyId);
271 
272         if (!passwordPolicy.getDefaultPolicy()) {
273             validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
274 
275             passwordPolicy.setName(name);
276         }
277 
278         passwordPolicy.setModifiedDate(now);
279         passwordPolicy.setDescription(description);
280         passwordPolicy.setChangeable(changeable);
281         passwordPolicy.setChangeRequired(changeRequired);
282         passwordPolicy.setMinAge(minAge);
283         passwordPolicy.setCheckSyntax(checkSyntax);
284         passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
285         passwordPolicy.setMinLength(minLength);
286         passwordPolicy.setHistory(history);
287         passwordPolicy.setHistoryCount(historyCount);
288         passwordPolicy.setExpireable(expireable);
289         passwordPolicy.setMaxAge(maxAge);
290         passwordPolicy.setWarningTime(warningTime);
291         passwordPolicy.setGraceLimit(graceLimit);
292         passwordPolicy.setLockout(lockout);
293         passwordPolicy.setMaxFailure(maxFailure);
294         passwordPolicy.setLockoutDuration(lockoutDuration);
295         passwordPolicy.setRequireUnlock(lockoutDuration == 0);
296         passwordPolicy.setResetFailureCount(resetFailureCount);
297 
298         passwordPolicyPersistence.update(passwordPolicy, false);
299 
300         return passwordPolicy;
301     }
302 
303     protected void validate(long passwordPolicyId, long companyId, String name)
304         throws PortalException, SystemException {
305 
306         if ((Validator.isNull(name)) || (Validator.isNumber(name)) ||
307             (name.indexOf(StringPool.COMMA) != -1) ||
308             (name.indexOf(StringPool.STAR) != -1)) {
309 
310             throw new PasswordPolicyNameException();
311         }
312 
313         PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
314             companyId, name);
315 
316         if (passwordPolicy != null) {
317             if ((passwordPolicyId <= 0) ||
318                 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
319 
320                 throw new DuplicatePasswordPolicyException();
321             }
322         }
323     }
324 
325 }