1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.impl;
24  
25  import com.liferay.portal.DuplicatePasswordPolicyException;
26  import com.liferay.portal.NoSuchPasswordPolicyRelException;
27  import com.liferay.portal.PasswordPolicyNameException;
28  import com.liferay.portal.PortalException;
29  import com.liferay.portal.RequiredPasswordPolicyException;
30  import com.liferay.portal.SystemException;
31  import com.liferay.portal.kernel.util.OrderByComparator;
32  import com.liferay.portal.kernel.util.StringPool;
33  import com.liferay.portal.kernel.util.Validator;
34  import com.liferay.portal.model.Organization;
35  import com.liferay.portal.model.PasswordPolicy;
36  import com.liferay.portal.model.PasswordPolicyRel;
37  import com.liferay.portal.model.ResourceConstants;
38  import com.liferay.portal.model.User;
39  import com.liferay.portal.security.ldap.PortalLDAPUtil;
40  import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
41  import com.liferay.portal.util.PropsValues;
42  
43  import java.util.Date;
44  import java.util.List;
45  
46  /**
47   * <a href="PasswordPolicyLocalServiceImpl.java.html"><b><i>View Source</i></b>
48   * </a>
49   *
50   * @author Scott Lee
51   *
52   */
53  public class PasswordPolicyLocalServiceImpl
54      extends PasswordPolicyLocalServiceBaseImpl {
55  
56      public PasswordPolicy addPasswordPolicy(
57              long userId, boolean defaultPolicy, String name, String description,
58              boolean changeable, boolean changeRequired, long minAge,
59              boolean checkSyntax, boolean allowDictionaryWords, int minLength,
60              boolean history, int historyCount, boolean expireable, long maxAge,
61              long warningTime, int graceLimit, boolean lockout, int maxFailure,
62              long lockoutDuration, long resetFailureCount)
63          throws PortalException, SystemException {
64  
65          // Password policy
66  
67          User user = userPersistence.findByPrimaryKey(userId);
68          Date now = new Date();
69  
70          validate(0, user.getCompanyId(), name);
71  
72          long passwordPolicyId = counterLocalService.increment();
73  
74          PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
75              passwordPolicyId);
76  
77          passwordPolicy.setUserId(userId);
78          passwordPolicy.setCompanyId(user.getCompanyId());
79          passwordPolicy.setUserName(user.getFullName());
80          passwordPolicy.setCreateDate(now);
81          passwordPolicy.setModifiedDate(now);
82          passwordPolicy.setDefaultPolicy(defaultPolicy);
83          passwordPolicy.setName(name);
84          passwordPolicy.setDescription(description);
85          passwordPolicy.setChangeable(changeable);
86          passwordPolicy.setChangeRequired(changeRequired);
87          passwordPolicy.setMinAge(minAge);
88          passwordPolicy.setCheckSyntax(checkSyntax);
89          passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
90          passwordPolicy.setMinLength(minLength);
91          passwordPolicy.setHistory(history);
92          passwordPolicy.setHistoryCount(historyCount);
93          passwordPolicy.setExpireable(expireable);
94          passwordPolicy.setMaxAge(maxAge);
95          passwordPolicy.setWarningTime(warningTime);
96          passwordPolicy.setGraceLimit(graceLimit);
97          passwordPolicy.setLockout(lockout);
98          passwordPolicy.setMaxFailure(maxFailure);
99          passwordPolicy.setLockoutDuration(lockoutDuration);
100         passwordPolicy.setRequireUnlock(lockoutDuration == 0);
101         passwordPolicy.setResetFailureCount(resetFailureCount);
102 
103         passwordPolicyPersistence.update(passwordPolicy, false);
104 
105         // Resources
106 
107         if (!user.isDefaultUser()) {
108             resourceLocalService.addResources(
109                 user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
110                 passwordPolicy.getPasswordPolicyId(), false, false, false);
111         }
112 
113         return passwordPolicy;
114     }
115 
116     public void checkDefaultPasswordPolicy(long companyId)
117         throws PortalException, SystemException {
118 
119         String defaultPasswordPolicyName =
120             PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
121 
122         PasswordPolicy defaultPasswordPolicy =
123             passwordPolicyPersistence.fetchByC_N(
124                 companyId, defaultPasswordPolicyName);
125 
126         if (defaultPasswordPolicy == null) {
127             long defaultUserId = userLocalService.getDefaultUserId(companyId);
128 
129             addPasswordPolicy(
130                 defaultUserId, true, defaultPasswordPolicyName,
131                 defaultPasswordPolicyName, true, false, 0, false, true, 6,
132                 false, 6, false, 8640000, 86400, 0, false, 3, 0, 600);
133         }
134     }
135 
136     public void deletePasswordPolicy(long passwordPolicyId)
137         throws PortalException, SystemException {
138 
139         PasswordPolicy passwordPolicy =
140             passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
141 
142         if (passwordPolicy.isDefaultPolicy()) {
143             throw new RequiredPasswordPolicyException();
144         }
145 
146         // Resources
147 
148         resourceLocalService.deleteResource(
149             passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
150             ResourceConstants.SCOPE_INDIVIDUAL,
151             passwordPolicy.getPasswordPolicyId());
152 
153         // Password policy
154 
155         passwordPolicyPersistence.remove(passwordPolicy);
156     }
157 
158     public PasswordPolicy getDefaultPasswordPolicy(long companyId)
159         throws PortalException, SystemException {
160 
161         if (PortalLDAPUtil.isPasswordPolicyEnabled(companyId)) {
162             return null;
163         }
164 
165         return passwordPolicyPersistence.findByC_DP(companyId, true);
166     }
167 
168     public PasswordPolicy getPasswordPolicy(long passwordPolicyId)
169         throws PortalException, SystemException {
170 
171         return passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
172     }
173 
174     /**
175      * @deprecated
176      */
177     public PasswordPolicy getPasswordPolicy(
178             long companyId, long organizationId, long locationId)
179         throws PortalException, SystemException {
180 
181         return getPasswordPolicy(
182             companyId, new long[] {organizationId, locationId});
183     }
184 
185     public PasswordPolicy getPasswordPolicy(
186             long companyId, long[] organizationIds)
187         throws PortalException, SystemException {
188 
189         if (PortalLDAPUtil.isPasswordPolicyEnabled(companyId)) {
190             return null;
191         }
192 
193         PasswordPolicyRel passwordPolicyRel = null;
194 
195         // Check for password policy specifically assigned to any of the
196         // organizations
197 
198         for (int i = 0; i < organizationIds.length; i++) {
199             long organizationId = organizationIds[i];
200 
201             try {
202                 passwordPolicyRel =
203                     passwordPolicyRelLocalService.getPasswordPolicyRel(
204                         Organization.class.getName(), organizationId);
205 
206                 return getPasswordPolicy(
207                     passwordPolicyRel.getPasswordPolicyId());
208             }
209             catch (NoSuchPasswordPolicyRelException nsppre) {
210             }
211         }
212 
213         // Get default password policy
214 
215         return getDefaultPasswordPolicy(companyId);
216     }
217 
218     public PasswordPolicy getPasswordPolicyByUserId(long userId)
219         throws PortalException, SystemException {
220 
221         User user = userPersistence.findByPrimaryKey(userId);
222 
223         if (PortalLDAPUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
224             return null;
225         }
226 
227         PasswordPolicyRel passwordPolicyRel = null;
228 
229         // Check for password policy specifically assigned to this user
230 
231         try {
232             passwordPolicyRel =
233                 passwordPolicyRelLocalService.getPasswordPolicyRel(
234                     User.class.getName(), userId);
235 
236             return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
237         }
238         catch (NoSuchPasswordPolicyRelException nsppre) {
239         }
240 
241         long[] organizationIds = user.getOrganizationIds();
242 
243         return getPasswordPolicy(user.getCompanyId(), organizationIds);
244     }
245 
246     public List<PasswordPolicy> search(
247             long companyId, String name, int start, int end,
248             OrderByComparator obc)
249         throws SystemException {
250 
251         return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
252     }
253 
254     public int searchCount(long companyId, String name)
255         throws SystemException {
256 
257         return passwordPolicyFinder.countByC_N(companyId, name);
258     }
259 
260     public PasswordPolicy updatePasswordPolicy(
261             long passwordPolicyId, String name, String description,
262             boolean changeable, boolean changeRequired, long minAge,
263             boolean checkSyntax, boolean allowDictionaryWords, int minLength,
264             boolean history, int historyCount, boolean expireable, long maxAge,
265             long warningTime, int graceLimit, boolean lockout, int maxFailure,
266             long lockoutDuration, long resetFailureCount)
267         throws PortalException, SystemException {
268 
269         Date now = new Date();
270 
271         PasswordPolicy passwordPolicy =
272             passwordPolicyPersistence.findByPrimaryKey(
273                 passwordPolicyId);
274 
275         if (!passwordPolicy.getDefaultPolicy()) {
276             validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
277 
278             passwordPolicy.setName(name);
279         }
280 
281         passwordPolicy.setModifiedDate(now);
282         passwordPolicy.setDescription(description);
283         passwordPolicy.setChangeable(changeable);
284         passwordPolicy.setChangeRequired(changeRequired);
285         passwordPolicy.setMinAge(minAge);
286         passwordPolicy.setCheckSyntax(checkSyntax);
287         passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
288         passwordPolicy.setMinLength(minLength);
289         passwordPolicy.setHistory(history);
290         passwordPolicy.setHistoryCount(historyCount);
291         passwordPolicy.setExpireable(expireable);
292         passwordPolicy.setMaxAge(maxAge);
293         passwordPolicy.setWarningTime(warningTime);
294         passwordPolicy.setGraceLimit(graceLimit);
295         passwordPolicy.setLockout(lockout);
296         passwordPolicy.setMaxFailure(maxFailure);
297         passwordPolicy.setLockoutDuration(lockoutDuration);
298         passwordPolicy.setRequireUnlock(lockoutDuration == 0);
299         passwordPolicy.setResetFailureCount(resetFailureCount);
300 
301         passwordPolicyPersistence.update(passwordPolicy, false);
302 
303         return passwordPolicy;
304     }
305 
306     protected void validate(long passwordPolicyId, long companyId, String name)
307         throws PortalException, SystemException {
308 
309         if ((Validator.isNull(name)) || (Validator.isNumber(name)) ||
310             (name.indexOf(StringPool.COMMA) != -1) ||
311             (name.indexOf(StringPool.STAR) != -1)) {
312 
313             throw new PasswordPolicyNameException();
314         }
315 
316         PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
317             companyId, name);
318 
319         if (passwordPolicy != null) {
320             if ((passwordPolicyId <= 0) ||
321                 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
322 
323                 throw new DuplicatePasswordPolicyException();
324             }
325         }
326     }
327 
328 }