1
22
23 package com.liferay.portlet.enterpriseadmin.action;
24
25 import com.liferay.portal.kernel.util.Constants;
26 import com.liferay.portal.kernel.util.ParamUtil;
27 import com.liferay.portal.kernel.util.Validator;
28 import com.liferay.portal.model.Company;
29 import com.liferay.portal.model.impl.RoleImpl;
30 import com.liferay.portal.security.auth.PrincipalException;
31 import com.liferay.portal.service.CompanyServiceUtil;
32 import com.liferay.portal.service.RoleLocalServiceUtil;
33 import com.liferay.portal.servlet.filters.sso.cas.CASFilter;
34 import com.liferay.portal.struts.PortletAction;
35 import com.liferay.portal.util.PortalUtil;
36 import com.liferay.portal.util.PrefsPropsUtil;
37 import com.liferay.portal.util.PropsUtil;
38 import com.liferay.util.ldap.LDAPUtil;
39 import com.liferay.util.servlet.SessionErrors;
40
41 import java.io.PrintWriter;
42 import java.io.StringWriter;
43
44 import java.util.Properties;
45
46 import javax.naming.Context;
47 import javax.naming.ldap.InitialLdapContext;
48
49 import javax.portlet.ActionRequest;
50 import javax.portlet.ActionResponse;
51 import javax.portlet.PortletConfig;
52 import javax.portlet.PortletPreferences;
53
54 import org.apache.commons.logging.Log;
55 import org.apache.commons.logging.LogFactory;
56 import org.apache.struts.action.ActionForm;
57 import org.apache.struts.action.ActionMapping;
58
59
65 public class EditSettingsAction extends PortletAction {
66
67 public void processAction(
68 ActionMapping mapping, ActionForm form, PortletConfig config,
69 ActionRequest req, ActionResponse res)
70 throws Exception {
71
72 long companyId = PortalUtil.getCompanyId(req);
73 long userId = PortalUtil.getUserId(req);
74
75 if (!RoleLocalServiceUtil.hasUserRole(
76 userId, companyId, RoleImpl.ADMINISTRATOR, true)) {
77
78 SessionErrors.add(req, PrincipalException.class.getName());
79
80 setForward(req, "portlet.enterprise_admin.error");
81
82 return;
83 }
84
85 PortletPreferences prefs = PrefsPropsUtil.getPreferences(companyId);
86
87 String cmd = ParamUtil.getString(req, Constants.CMD);
88
89 if (cmd.equals("updateCAS")) {
90 updateCAS(req, companyId, prefs);
91 }
92 else if (cmd.equals("updateDefaultGroupsAndRoles")) {
93 updateDefaultGroupsAndRoles(req, prefs);
94 }
95 else if (cmd.equals("updateEmails")) {
96 updateEmails(req, prefs);
97 }
98 else if (cmd.equals("updateLdap")) {
99 updateLdap(req, prefs);
100 }
101 else if (cmd.equals("updateMailHostNames")) {
102 updateMailHostNames(req, prefs);
103 }
104 else if (cmd.equals("updateNtlm")) {
105 updateNtlm(req, companyId, prefs);
106 }
107 else if (cmd.equals("updateOpenId")) {
108 updateOpenId(req, prefs);
109 }
110 else if (cmd.equals("updateOpenSSO")) {
111 updateOpenSSO(req, companyId, prefs);
112 }
113 else if (cmd.equals("updateReservedUsers")) {
114 updateReservedUsers(req, prefs);
115 }
116 else if (cmd.equals("updateSecurity")) {
117 updateSecurity(req);
118 }
119
120 if (SessionErrors.isEmpty(req)) {
121 if (!cmd.equals("updateLdap") && !cmd.equals("updateSecurity")) {
122 prefs.store();
123 }
124
125 sendRedirect(req, res);
126 }
127 else {
128 setForward(req, "portlet.enterprise_admin.view");
129 }
130 }
131
132 protected void updateCAS(
133 ActionRequest req, long companyId, PortletPreferences prefs)
134 throws Exception {
135
136 boolean enabled = ParamUtil.getBoolean(req, "enabled");
137 boolean importFromLdap = ParamUtil.getBoolean(req, "importFromLdap");
138 String loginUrl = ParamUtil.getString(req, "loginUrl");
139 String logoutUrl = ParamUtil.getString(req, "logoutUrl");
140 String serverName = ParamUtil.getString(req, "serverName");
141 String serviceUrl = ParamUtil.getString(req, "serviceUrl");
142 String validateUrl = ParamUtil.getString(req, "validateUrl");
143
144 prefs.setValue(
145 PropsUtil.CAS_AUTH_ENABLED, String.valueOf(enabled));
146 prefs.setValue(
147 PropsUtil.CAS_IMPORT_FROM_LDAP, String.valueOf(importFromLdap));
148 prefs.setValue(PropsUtil.CAS_LOGIN_URL, loginUrl);
149 prefs.setValue(PropsUtil.CAS_LOGOUT_URL, logoutUrl);
150 prefs.setValue(PropsUtil.CAS_SERVER_NAME, serverName);
151 prefs.setValue(PropsUtil.CAS_SERVICE_URL, serviceUrl);
152 prefs.setValue(PropsUtil.CAS_VALIDATE_URL, validateUrl);
153
154 prefs.store();
155
156 CASFilter.reload(companyId);
157 }
158
159 protected void updateDefaultGroupsAndRoles(
160 ActionRequest req, PortletPreferences prefs)
161 throws Exception {
162
163 String defaultGroupNames = ParamUtil.getString(
164 req, "defaultGroupNames");
165 String defaultRoleNames = ParamUtil.getString(req, "defaultRoleNames");
166 String defaultUserGroupNames = ParamUtil.getString(
167 req, "defaultUserGroupNames");
168
169 prefs.setValue(PropsUtil.ADMIN_DEFAULT_GROUP_NAMES, defaultGroupNames);
170 prefs.setValue(PropsUtil.ADMIN_DEFAULT_ROLE_NAMES, defaultRoleNames);
171 prefs.setValue(
172 PropsUtil.ADMIN_DEFAULT_USER_GROUP_NAMES, defaultUserGroupNames);
173 }
174
175 protected void updateEmails(
176 ActionRequest req, PortletPreferences prefs)
177 throws Exception {
178
179 String tabs3 = ParamUtil.getString(req, "tabs3");
180
181 if (tabs3.equals("account-created-notification")) {
182 String emailUserAddedEnabled = ParamUtil.getString(
183 req, "emailUserAddedEnabled");
184 String emailUserAddedSubject = ParamUtil.getString(
185 req, "emailUserAddedSubject");
186 String emailUserAddedBody = ParamUtil.getString(
187 req, "emailUserAddedBody");
188
189 if (Validator.isNull(emailUserAddedSubject)) {
190 SessionErrors.add(req, "emailUserAddedSubject");
191 }
192 else if (Validator.isNull(emailUserAddedBody)) {
193 SessionErrors.add(req, "emailUserAddedBody");
194 }
195 else {
196 prefs.setValue(
197 PropsUtil.ADMIN_EMAIL_USER_ADDED_ENABLED,
198 emailUserAddedEnabled);
199 prefs.setValue(
200 PropsUtil.ADMIN_EMAIL_USER_ADDED_SUBJECT,
201 emailUserAddedSubject);
202 prefs.setValue(
203 PropsUtil.ADMIN_EMAIL_USER_ADDED_BODY, emailUserAddedBody);
204 }
205 }
206 else if (tabs3.equals("password-changed-notification")) {
207 String emailPasswordSentEnabled = ParamUtil.getString(
208 req, "emailPasswordSentEnabled");
209 String emailPasswordSentSubject = ParamUtil.getString(
210 req, "emailPasswordSentSubject");
211 String emailPasswordSentBody = ParamUtil.getString(
212 req, "emailPasswordSentBody");
213
214 if (Validator.isNull(emailPasswordSentSubject)) {
215 SessionErrors.add(req, "emailPasswordSentSubject");
216 }
217 else if (Validator.isNull(emailPasswordSentBody)) {
218 SessionErrors.add(req, "emailPasswordSentBody");
219 }
220 else {
221 prefs.setValue(
222 PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_ENABLED,
223 emailPasswordSentEnabled);
224 prefs.setValue(
225 PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_SUBJECT,
226 emailPasswordSentSubject);
227 prefs.setValue(
228 PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_BODY,
229 emailPasswordSentBody);
230 }
231 }
232 else {
233 String emailFromName = ParamUtil.getString(req, "emailFromName");
234 String emailFromAddress = ParamUtil.getString(
235 req, "emailFromAddress");
236
237 if (Validator.isNull(emailFromName)) {
238 SessionErrors.add(req, "emailFromName");
239 }
240 else if (!Validator.isEmailAddress(emailFromAddress)) {
241 SessionErrors.add(req, "emailFromAddress");
242 }
243 else {
244 prefs.setValue(PropsUtil.ADMIN_EMAIL_FROM_NAME, emailFromName);
245 prefs.setValue(
246 PropsUtil.ADMIN_EMAIL_FROM_ADDRESS, emailFromAddress);
247 }
248 }
249 }
250
251 protected void updateLdap(ActionRequest req, PortletPreferences prefs)
252 throws Exception {
253
254 boolean enabled = ParamUtil.getBoolean(req, "enabled");
255 boolean required = ParamUtil.getBoolean(req, "required");
256 String baseProviderURL = ParamUtil.getString(req, "baseProviderURL");
257 String baseDN = ParamUtil.getString(req, "baseDN");
258 String principal = ParamUtil.getString(req, "principal");
259 String credentials = ParamUtil.getString(req, "credentials");
260 String searchFilter = ParamUtil.getString(req, "searchFilter");
261 String passwordEncryptionAlgorithm = ParamUtil.getString(
262 req, "passwordEncryptionAlgorithm");
263 String userMappings = ParamUtil.getString(req, "userMappings");
264 boolean importEnabled = ParamUtil.getBoolean(req, "importEnabled");
265 boolean importOnStartup = ParamUtil.getBoolean(req, "importOnStartup");
266 long importInterval = ParamUtil.getLong(req, "importInterval");
267 String importUserSearchFilter = ParamUtil.getString(
268 req, "importUserSearchFilter");
269 String importGroupSearchFilter = ParamUtil.getString(
270 req, "importGroupSearchFilter");
271 boolean exportEnabled = ParamUtil.getBoolean(req, "exportEnabled");
272 String usersDn = ParamUtil.getString(req, "usersDn");
273 String userDefaultObjectClasses = ParamUtil.getString(
274 req, "userDefaultObjectClasses");
275 boolean passwordPolicyEnabled = ParamUtil.getBoolean(
276 req, "passwordPolicyEnabled");
277
278 try {
279 if (enabled) {
280 Properties env = new Properties();
281
282 env.put(
283 Context.INITIAL_CONTEXT_FACTORY,
284 PrefsPropsUtil.getString(PropsUtil.LDAP_FACTORY_INITIAL));
285 env.put(
286 Context.PROVIDER_URL,
287 LDAPUtil.getFullProviderURL(baseProviderURL, baseDN));
288 env.put(Context.SECURITY_PRINCIPAL, principal);
289 env.put(Context.SECURITY_CREDENTIALS, credentials);
290
291 if (_log.isDebugEnabled()) {
292 StringWriter sw = new StringWriter();
293
294 env.list(new PrintWriter(sw));
295
296 _log.debug(sw.getBuffer().toString());
297 }
298
299 new InitialLdapContext(env, null);
300 }
301 }
302 catch (Exception e) {
303 SessionErrors.add(req, "ldapAuthentication");
304
305 return;
306 }
307
308 prefs.setValue(PropsUtil.LDAP_AUTH_ENABLED, String.valueOf(enabled));
309 prefs.setValue(PropsUtil.LDAP_AUTH_REQUIRED, String.valueOf(required));
310 prefs.setValue(PropsUtil.LDAP_BASE_PROVIDER_URL, baseProviderURL);
311 prefs.setValue(PropsUtil.LDAP_BASE_DN, baseDN);
312 prefs.setValue(PropsUtil.LDAP_SECURITY_PRINCIPAL, principal);
313 prefs.setValue(PropsUtil.LDAP_SECURITY_CREDENTIALS, credentials);
314 prefs.setValue(PropsUtil.LDAP_AUTH_SEARCH_FILTER, searchFilter);
315 prefs.setValue(
316 PropsUtil.LDAP_AUTH_PASSWORD_ENCRYPTION_ALGORITHM,
317 passwordEncryptionAlgorithm);
318 prefs.setValue(PropsUtil.LDAP_USER_MAPPINGS, userMappings);
319 prefs.setValue(
320 PropsUtil.LDAP_IMPORT_ENABLED, String.valueOf(importEnabled));
321 prefs.setValue(
322 PropsUtil.LDAP_IMPORT_ON_STARTUP, String.valueOf(importOnStartup));
323 prefs.setValue(
324 PropsUtil.LDAP_IMPORT_INTERVAL, String.valueOf(importInterval));
325 prefs.setValue(
326 PropsUtil.LDAP_IMPORT_USER_SEARCH_FILTER, importUserSearchFilter);
327 prefs.setValue(
328 PropsUtil.LDAP_IMPORT_GROUP_SEARCH_FILTER, importGroupSearchFilter);
329 prefs.setValue(
330 PropsUtil.LDAP_EXPORT_ENABLED, String.valueOf(exportEnabled));
331 prefs.setValue(PropsUtil.LDAP_USERS_DN, usersDn);
332 prefs.setValue(
333 PropsUtil.LDAP_USER_DEFAULT_OBJECT_CLASSES,
334 userDefaultObjectClasses);
335 prefs.setValue(
336 PropsUtil.LDAP_PASSWORD_POLICY_ENABLED,
337 String.valueOf(passwordPolicyEnabled));
338
339 prefs.store();
340 }
341
342 protected void updateMailHostNames(
343 ActionRequest req, PortletPreferences prefs)
344 throws Exception {
345
346 String mailHostNames = ParamUtil.getString(req, "mailHostNames");
347
348 prefs.setValue(PropsUtil.ADMIN_MAIL_HOST_NAMES, mailHostNames);
349 }
350
351 protected void updateNtlm(
352 ActionRequest req, long companyId, PortletPreferences prefs)
353 throws Exception {
354
355 boolean enabled = ParamUtil.getBoolean(req, "enabled");
356 String domainController = ParamUtil.getString(req, "domainController");
357 String domain = ParamUtil.getString(req, "domain");
358
359 prefs.setValue(
360 PropsUtil.NTLM_AUTH_ENABLED, String.valueOf(enabled));
361 prefs.setValue(PropsUtil.NTLM_DOMAIN_CONTROLLER, domainController);
362 prefs.setValue(PropsUtil.NTLM_DOMAIN, domain);
363
364 prefs.store();
365 }
366
367 protected void updateOpenId(ActionRequest req, PortletPreferences prefs)
368 throws Exception {
369
370 boolean enabled = ParamUtil.getBoolean(req, "enabled");
371
372 prefs.setValue(PropsUtil.OPEN_ID_AUTH_ENABLED, String.valueOf(enabled));
373
374 prefs.store();
375 }
376
377 protected void updateOpenSSO(
378 ActionRequest req, long companyId, PortletPreferences prefs)
379 throws Exception {
380
381 boolean enabled = ParamUtil.getBoolean(req, "enabled");
382 String loginUrl = ParamUtil.getString(req, "loginUrl");
383 String logoutUrl = ParamUtil.getString(req, "logoutUrl");
384 String serviceUrl = ParamUtil.getString(req, "serviceUrl");
385 String subjectCookieName = ParamUtil.getString(
386 req, "subjectCookieName");
387
388 prefs.setValue(
389 PropsUtil.OPEN_SSO_AUTH_ENABLED, String.valueOf(enabled));
390 prefs.setValue(PropsUtil.OPEN_SSO_LOGIN_URL, loginUrl);
391 prefs.setValue(PropsUtil.OPEN_SSO_LOGOUT_URL, logoutUrl);
392 prefs.setValue(PropsUtil.OPEN_SSO_SERVICE_URL, serviceUrl);
393 prefs.setValue(
394 PropsUtil.OPEN_SSO_SUBJECT_COOKIE_NAME, subjectCookieName);
395
396 prefs.store();
397 }
398
399 protected void updateReservedUsers(
400 ActionRequest req, PortletPreferences prefs)
401 throws Exception {
402
403 String reservedScreenNames = ParamUtil.getString(
404 req, "reservedScreenNames");
405 String reservedEmailAddresses = ParamUtil.getString(
406 req, "reservedEmailAddresses");
407
408 prefs.setValue(
409 PropsUtil.ADMIN_RESERVED_SCREEN_NAMES, reservedScreenNames);
410 prefs.setValue(
411 PropsUtil.ADMIN_RESERVED_EMAIL_ADDRESSES, reservedEmailAddresses);
412 }
413
414 protected void updateSecurity(ActionRequest req) throws Exception {
415 Company company = PortalUtil.getCompany(req);
416
417 String authType = ParamUtil.getString(req, "authType");
418 boolean autoLogin = ParamUtil.getBoolean(req, "autoLogin");
419 boolean sendPassword = ParamUtil.getBoolean(req, "sendPassword");
420 boolean strangers = ParamUtil.getBoolean(req, "strangers");
421 boolean strangersWithMx = ParamUtil.getBoolean(req, "strangersWithMx");
422 boolean strangersVerify = ParamUtil.getBoolean(req, "strangersVerify");
423
424 CompanyServiceUtil.updateSecurity(
425 company.getCompanyId(), authType, autoLogin, sendPassword,
426 strangers, strangersWithMx, strangersVerify,
427 company.isCommunityLogo());
428 }
429
430 private static Log _log = LogFactory.getLog(EditSettingsAction.class);
431
432 }