1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   *
12   *
13   */
14  
15  package com.liferay.portal.service.impl;
16  
17  import com.liferay.portal.DuplicatePasswordPolicyException;
18  import com.liferay.portal.NoSuchPasswordPolicyRelException;
19  import com.liferay.portal.PasswordPolicyNameException;
20  import com.liferay.portal.PortalException;
21  import com.liferay.portal.RequiredPasswordPolicyException;
22  import com.liferay.portal.SystemException;
23  import com.liferay.portal.kernel.cache.ThreadLocalCachable;
24  import com.liferay.portal.kernel.util.CharPool;
25  import com.liferay.portal.kernel.util.OrderByComparator;
26  import com.liferay.portal.kernel.util.Validator;
27  import com.liferay.portal.model.Organization;
28  import com.liferay.portal.model.PasswordPolicy;
29  import com.liferay.portal.model.PasswordPolicyRel;
30  import com.liferay.portal.model.ResourceConstants;
31  import com.liferay.portal.model.User;
32  import com.liferay.portal.security.ldap.LDAPSettingsUtil;
33  import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
34  import com.liferay.portal.util.PropsValues;
35  
36  import java.util.Date;
37  import java.util.List;
38  
39  /**
40   * <a href="PasswordPolicyLocalServiceImpl.java.html"><b><i>View Source</i></b>
41   * </a>
42   *
43   * @author Scott Lee
44   */
45  public class PasswordPolicyLocalServiceImpl
46      extends PasswordPolicyLocalServiceBaseImpl {
47  
48      public PasswordPolicy addPasswordPolicy(
49              long userId, boolean defaultPolicy, String name, String description,
50              boolean changeable, boolean changeRequired, long minAge,
51              boolean checkSyntax, boolean allowDictionaryWords, int minLength,
52              boolean history, int historyCount, boolean expireable, long maxAge,
53              long warningTime, int graceLimit, boolean lockout, int maxFailure,
54              long lockoutDuration, long resetFailureCount)
55          throws PortalException, SystemException {
56  
57          // Password policy
58  
59          User user = userPersistence.findByPrimaryKey(userId);
60          Date now = new Date();
61  
62          validate(0, user.getCompanyId(), name);
63  
64          long passwordPolicyId = counterLocalService.increment();
65  
66          PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
67              passwordPolicyId);
68  
69          passwordPolicy.setUserId(userId);
70          passwordPolicy.setCompanyId(user.getCompanyId());
71          passwordPolicy.setUserName(user.getFullName());
72          passwordPolicy.setCreateDate(now);
73          passwordPolicy.setModifiedDate(now);
74          passwordPolicy.setDefaultPolicy(defaultPolicy);
75          passwordPolicy.setName(name);
76          passwordPolicy.setDescription(description);
77          passwordPolicy.setChangeable(changeable);
78          passwordPolicy.setChangeRequired(changeRequired);
79          passwordPolicy.setMinAge(minAge);
80          passwordPolicy.setCheckSyntax(checkSyntax);
81          passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
82          passwordPolicy.setMinLength(minLength);
83          passwordPolicy.setHistory(history);
84          passwordPolicy.setHistoryCount(historyCount);
85          passwordPolicy.setExpireable(expireable);
86          passwordPolicy.setMaxAge(maxAge);
87          passwordPolicy.setWarningTime(warningTime);
88          passwordPolicy.setGraceLimit(graceLimit);
89          passwordPolicy.setLockout(lockout);
90          passwordPolicy.setMaxFailure(maxFailure);
91          passwordPolicy.setLockoutDuration(lockoutDuration);
92          passwordPolicy.setRequireUnlock(lockoutDuration == 0);
93          passwordPolicy.setResetFailureCount(resetFailureCount);
94  
95          passwordPolicyPersistence.update(passwordPolicy, false);
96  
97          // Resources
98  
99          if (!user.isDefaultUser()) {
100             resourceLocalService.addResources(
101                 user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
102                 passwordPolicy.getPasswordPolicyId(), false, false, false);
103         }
104 
105         return passwordPolicy;
106     }
107 
108     public void checkDefaultPasswordPolicy(long companyId)
109         throws PortalException, SystemException {
110 
111         String defaultPasswordPolicyName =
112             PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
113 
114         PasswordPolicy defaultPasswordPolicy =
115             passwordPolicyPersistence.fetchByC_N(
116                 companyId, defaultPasswordPolicyName);
117 
118         if (defaultPasswordPolicy == null) {
119             long defaultUserId = userLocalService.getDefaultUserId(companyId);
120 
121             addPasswordPolicy(
122                 defaultUserId, true, defaultPasswordPolicyName,
123                 defaultPasswordPolicyName, true, false, 0, false, true, 6,
124                 false, 6, false, 8640000, 86400, 0, false, 3, 0, 600);
125         }
126     }
127 
128     public void deletePasswordPolicy(long passwordPolicyId)
129         throws PortalException, SystemException {
130 
131         PasswordPolicy passwordPolicy =
132             passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
133 
134         if (passwordPolicy.isDefaultPolicy()) {
135             throw new RequiredPasswordPolicyException();
136         }
137 
138         // Password policy relations
139 
140         passwordPolicyRelLocalService.deletePasswordPolicyRels(
141             passwordPolicyId);
142 
143         // Resources
144 
145         resourceLocalService.deleteResource(
146             passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
147             ResourceConstants.SCOPE_INDIVIDUAL,
148             passwordPolicy.getPasswordPolicyId());
149 
150         // Password policy
151 
152         passwordPolicyPersistence.remove(passwordPolicy);
153     }
154 
155     public PasswordPolicy getDefaultPasswordPolicy(long companyId)
156         throws PortalException, SystemException {
157 
158         if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
159             return null;
160         }
161 
162         return passwordPolicyPersistence.findByC_DP(companyId, true);
163     }
164 
165     public PasswordPolicy getPasswordPolicy(long passwordPolicyId)
166         throws PortalException, SystemException {
167 
168         return passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
169     }
170 
171     /**
172      * @deprecated
173      */
174     public PasswordPolicy getPasswordPolicy(
175             long companyId, long organizationId, long locationId)
176         throws PortalException, SystemException {
177 
178         return getPasswordPolicy(
179             companyId, new long[] {organizationId, locationId});
180     }
181 
182     public PasswordPolicy getPasswordPolicy(
183             long companyId, long[] organizationIds)
184         throws PortalException, SystemException {
185 
186         if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
187             return null;
188         }
189 
190         PasswordPolicyRel passwordPolicyRel = null;
191 
192         // Check for password policy specifically assigned to any of the
193         // organizations
194 
195         for (int i = 0; i < organizationIds.length; i++) {
196             long organizationId = organizationIds[i];
197 
198             try {
199                 passwordPolicyRel =
200                     passwordPolicyRelLocalService.getPasswordPolicyRel(
201                         Organization.class.getName(), organizationId);
202 
203                 return getPasswordPolicy(
204                     passwordPolicyRel.getPasswordPolicyId());
205             }
206             catch (NoSuchPasswordPolicyRelException nsppre) {
207             }
208         }
209 
210         // Get default password policy
211 
212         return getDefaultPasswordPolicy(companyId);
213     }
214 
215     @ThreadLocalCachable
216     public PasswordPolicy getPasswordPolicyByUserId(long userId)
217         throws PortalException, SystemException {
218 
219         User user = userPersistence.findByPrimaryKey(userId);
220 
221         if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
222             return null;
223         }
224 
225         PasswordPolicyRel passwordPolicyRel = null;
226 
227         // Check for password policy specifically assigned to this user
228 
229         try {
230             passwordPolicyRel =
231                 passwordPolicyRelLocalService.getPasswordPolicyRel(
232                     User.class.getName(), userId);
233 
234             return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
235         }
236         catch (NoSuchPasswordPolicyRelException nsppre) {
237         }
238 
239         long[] organizationIds = user.getOrganizationIds();
240 
241         return getPasswordPolicy(user.getCompanyId(), organizationIds);
242     }
243 
244     public List<PasswordPolicy> search(
245             long companyId, String name, int start, int end,
246             OrderByComparator obc)
247         throws SystemException {
248 
249         return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
250     }
251 
252     public int searchCount(long companyId, String name)
253         throws SystemException {
254 
255         return passwordPolicyFinder.countByC_N(companyId, name);
256     }
257 
258     public PasswordPolicy updatePasswordPolicy(
259             long passwordPolicyId, String name, String description,
260             boolean changeable, boolean changeRequired, long minAge,
261             boolean checkSyntax, boolean allowDictionaryWords, int minLength,
262             boolean history, int historyCount, boolean expireable, long maxAge,
263             long warningTime, int graceLimit, boolean lockout, int maxFailure,
264             long lockoutDuration, long resetFailureCount)
265         throws PortalException, SystemException {
266 
267         Date now = new Date();
268 
269         PasswordPolicy passwordPolicy =
270             passwordPolicyPersistence.findByPrimaryKey(
271                 passwordPolicyId);
272 
273         if (!passwordPolicy.getDefaultPolicy()) {
274             validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
275 
276             passwordPolicy.setName(name);
277         }
278 
279         passwordPolicy.setModifiedDate(now);
280         passwordPolicy.setDescription(description);
281         passwordPolicy.setChangeable(changeable);
282         passwordPolicy.setChangeRequired(changeRequired);
283         passwordPolicy.setMinAge(minAge);
284         passwordPolicy.setCheckSyntax(checkSyntax);
285         passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
286         passwordPolicy.setMinLength(minLength);
287         passwordPolicy.setHistory(history);
288         passwordPolicy.setHistoryCount(historyCount);
289         passwordPolicy.setExpireable(expireable);
290         passwordPolicy.setMaxAge(maxAge);
291         passwordPolicy.setWarningTime(warningTime);
292         passwordPolicy.setGraceLimit(graceLimit);
293         passwordPolicy.setLockout(lockout);
294         passwordPolicy.setMaxFailure(maxFailure);
295         passwordPolicy.setLockoutDuration(lockoutDuration);
296         passwordPolicy.setRequireUnlock(lockoutDuration == 0);
297         passwordPolicy.setResetFailureCount(resetFailureCount);
298 
299         passwordPolicyPersistence.update(passwordPolicy, false);
300 
301         return passwordPolicy;
302     }
303 
304     protected void validate(long passwordPolicyId, long companyId, String name)
305         throws PortalException, SystemException {
306 
307         if ((Validator.isNull(name)) || (Validator.isNumber(name)) ||
308             (name.indexOf(CharPool.COMMA) != -1) ||
309             (name.indexOf(CharPool.STAR) != -1)) {
310 
311             throw new PasswordPolicyNameException();
312         }
313 
314         PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
315             companyId, name);
316 
317         if (passwordPolicy != null) {
318             if ((passwordPolicyId <= 0) ||
319                 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
320 
321                 throw new DuplicatePasswordPolicyException();
322             }
323         }
324     }
325 
326 }