1   /**
2    * Copyright (c) 2000-2007 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.impl;
24  
25  import com.liferay.counter.service.CounterLocalServiceUtil;
26  import com.liferay.portal.DuplicatePasswordPolicyException;
27  import com.liferay.portal.NoSuchPasswordPolicyException;
28  import com.liferay.portal.NoSuchPasswordPolicyRelException;
29  import com.liferay.portal.PasswordPolicyNameException;
30  import com.liferay.portal.PortalException;
31  import com.liferay.portal.RequiredPasswordPolicyException;
32  import com.liferay.portal.SystemException;
33  import com.liferay.portal.kernel.util.GetterUtil;
34  import com.liferay.portal.kernel.util.StringPool;
35  import com.liferay.portal.kernel.util.Validator;
36  import com.liferay.portal.model.Organization;
37  import com.liferay.portal.model.PasswordPolicy;
38  import com.liferay.portal.model.PasswordPolicyRel;
39  import com.liferay.portal.model.User;
40  import com.liferay.portal.model.impl.ResourceImpl;
41  import com.liferay.portal.security.ldap.PortalLDAPUtil;
42  import com.liferay.portal.service.PasswordPolicyRelLocalServiceUtil;
43  import com.liferay.portal.service.ResourceLocalServiceUtil;
44  import com.liferay.portal.service.UserLocalServiceUtil;
45  import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
46  import com.liferay.portal.service.persistence.PasswordPolicyFinder;
47  import com.liferay.portal.service.persistence.PasswordPolicyUtil;
48  import com.liferay.portal.service.persistence.UserUtil;
49  import com.liferay.portal.util.PropsUtil;
50  
51  import java.util.Date;
52  import java.util.List;
53  
54  /**
55   * <a href="PasswordPolicyLocalServiceImpl.java.html"><b><i>View Source</i></b>
56   * </a>
57   *
58   * @author Scott Lee
59   *
60   */
61  public class PasswordPolicyLocalServiceImpl
62      extends PasswordPolicyLocalServiceBaseImpl {
63  
64      public PasswordPolicy addPasswordPolicy(
65              long userId, boolean defaultPolicy, String name, String description,
66              boolean changeable, boolean changeRequired, long minAge,
67              boolean checkSyntax, boolean allowDictionaryWords, int minLength,
68              boolean history, int historyCount, boolean expireable, long maxAge,
69              long warningTime, int graceLimit, boolean lockout, int maxFailure,
70              long lockoutDuration, long resetFailureCount)
71          throws PortalException, SystemException {
72  
73          // Password policy
74  
75          User user = UserUtil.findByPrimaryKey(userId);
76          Date now = new Date();
77  
78          validate(0, user.getCompanyId(), name);
79  
80          long passwordPolicyId = CounterLocalServiceUtil.increment();
81  
82          PasswordPolicy passwordPolicy = PasswordPolicyUtil.create(
83              passwordPolicyId);
84  
85          passwordPolicy.setUserId(userId);
86          passwordPolicy.setCompanyId(user.getCompanyId());
87          passwordPolicy.setUserName(user.getFullName());
88          passwordPolicy.setCreateDate(now);
89          passwordPolicy.setModifiedDate(now);
90          passwordPolicy.setDefaultPolicy(defaultPolicy);
91          passwordPolicy.setName(name);
92          passwordPolicy.setDescription(description);
93          passwordPolicy.setChangeable(changeable);
94          passwordPolicy.setChangeRequired(changeRequired);
95          passwordPolicy.setMinAge(minAge);
96          passwordPolicy.setCheckSyntax(checkSyntax);
97          passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
98          passwordPolicy.setMinLength(minLength);
99          passwordPolicy.setHistory(history);
100         passwordPolicy.setHistoryCount(historyCount);
101         passwordPolicy.setExpireable(expireable);
102         passwordPolicy.setMaxAge(maxAge);
103         passwordPolicy.setWarningTime(warningTime);
104         passwordPolicy.setGraceLimit(graceLimit);
105         passwordPolicy.setLockout(lockout);
106         passwordPolicy.setMaxFailure(maxFailure);
107         passwordPolicy.setLockoutDuration(lockoutDuration);
108         passwordPolicy.setRequireUnlock(lockoutDuration == 0);
109         passwordPolicy.setResetFailureCount(resetFailureCount);
110 
111         PasswordPolicyUtil.update(passwordPolicy);
112 
113         // Resources
114 
115         if (!user.isDefaultUser()) {
116             ResourceLocalServiceUtil.addResources(
117                 user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
118                 passwordPolicy.getPasswordPolicyId(), false, false, false);
119         }
120 
121         return passwordPolicy;
122     }
123 
124     public void checkDefaultPasswordPolicy(long companyId)
125         throws PortalException, SystemException {
126 
127         String defaultPasswordPolicyName = GetterUtil.getString(
128             PropsUtil.get(PropsUtil.PASSWORDS_DEFAULT_POLICY_NAME));
129 
130         try {
131             PasswordPolicyUtil.findByC_N(companyId, defaultPasswordPolicyName);
132         }
133         catch (NoSuchPasswordPolicyException nsppe) {
134             addPasswordPolicy(
135                 UserLocalServiceUtil.getDefaultUserId(companyId), true,
136                 defaultPasswordPolicyName, defaultPasswordPolicyName, true,
137                 false, 0, false, true, 6, false, 6, false, 8640000, 86400, 0,
138                 false, 3, 0, 600);
139         }
140     }
141 
142     public void deletePasswordPolicy(long passwordPolicyId)
143         throws PortalException, SystemException {
144 
145         PasswordPolicy passwordPolicy =
146             PasswordPolicyUtil.findByPrimaryKey(passwordPolicyId);
147 
148         if (passwordPolicy.isDefaultPolicy()) {
149             throw new RequiredPasswordPolicyException();
150         }
151 
152         // Resources
153 
154         ResourceLocalServiceUtil.deleteResource(
155             passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
156             ResourceImpl.SCOPE_INDIVIDUAL,
157             passwordPolicy.getPasswordPolicyId());
158 
159         // Password policy
160 
161         PasswordPolicyUtil.remove(passwordPolicyId);
162     }
163 
164     public PasswordPolicy getDefaultPasswordPolicy(long companyId)
165         throws PortalException, SystemException {
166 
167         if (PortalLDAPUtil.isPasswordPolicyEnabled(companyId)) {
168             return null;
169         }
170 
171         return PasswordPolicyUtil.findByC_DP(companyId, true);
172     }
173 
174     public PasswordPolicy getPasswordPolicy(long passwordPolicyId)
175         throws PortalException, SystemException {
176 
177         return PasswordPolicyUtil.findByPrimaryKey(passwordPolicyId);
178     }
179 
180     public PasswordPolicy getPasswordPolicy(
181             long companyId, long organizationId, long locationId)
182         throws PortalException, SystemException {
183 
184         if (PortalLDAPUtil.isPasswordPolicyEnabled(companyId)) {
185             return null;
186         }
187 
188         PasswordPolicyRel passwordPolicyRel = null;
189 
190         // Check for password policy specifically assigned to this location
191 
192         try {
193             passwordPolicyRel =
194                 PasswordPolicyRelLocalServiceUtil.getPasswordPolicyRel(
195                     Organization.class.getName(), locationId);
196 
197             return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
198         }
199         catch (NoSuchPasswordPolicyRelException nsppre) {
200         }
201 
202         // Check for password policy specifically assigned to this organization
203 
204         try {
205             passwordPolicyRel =
206                 PasswordPolicyRelLocalServiceUtil.getPasswordPolicyRel(
207                     Organization.class.getName(), organizationId);
208 
209             return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
210         }
211         catch (NoSuchPasswordPolicyRelException nsppre) {
212         }
213 
214         // Get default password policy
215 
216         return getDefaultPasswordPolicy(companyId);
217     }
218 
219     public PasswordPolicy getPasswordPolicyByUserId(long userId)
220         throws PortalException, SystemException {
221 
222         User user = UserUtil.findByPrimaryKey(userId);
223 
224         if (PortalLDAPUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
225             return null;
226         }
227 
228         PasswordPolicyRel passwordPolicyRel = null;
229 
230         // Check for password policy specifically assigned to this user
231 
232         try {
233             passwordPolicyRel =
234                 PasswordPolicyRelLocalServiceUtil.getPasswordPolicyRel(
235                     User.class.getName(), userId);
236 
237             return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
238         }
239         catch (NoSuchPasswordPolicyRelException nsppre) {
240         }
241 
242         long locationId = user.getLocation().getOrganizationId();
243         long organizationId = user.getOrganization().getOrganizationId();
244 
245         return getPasswordPolicy(
246             user.getCompanyId(), organizationId, locationId);
247     }
248 
249     public List search(long companyId, String name, int begin, int end)
250         throws SystemException {
251 
252         return PasswordPolicyFinder.findByC_N(companyId, name, begin, end);
253     }
254 
255     public int searchCount(long companyId, String name)
256         throws SystemException {
257 
258         return PasswordPolicyFinder.countByC_N(companyId, name);
259     }
260 
261     public PasswordPolicy updatePasswordPolicy(
262             long passwordPolicyId, String name, String description,
263             boolean changeable, boolean changeRequired, long minAge,
264             boolean checkSyntax, boolean allowDictionaryWords, int minLength,
265             boolean history, int historyCount, boolean expireable, long maxAge,
266             long warningTime, int graceLimit, boolean lockout, int maxFailure,
267             long lockoutDuration, long resetFailureCount)
268         throws PortalException, SystemException {
269 
270         Date now = new Date();
271 
272         PasswordPolicy passwordPolicy = PasswordPolicyUtil.findByPrimaryKey(
273             passwordPolicyId);
274 
275         if (!passwordPolicy.getDefaultPolicy()) {
276             validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
277 
278             passwordPolicy.setName(name);
279         }
280 
281         passwordPolicy.setModifiedDate(now);
282         passwordPolicy.setDescription(description);
283         passwordPolicy.setChangeable(changeable);
284         passwordPolicy.setChangeRequired(changeRequired);
285         passwordPolicy.setMinAge(minAge);
286         passwordPolicy.setCheckSyntax(checkSyntax);
287         passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
288         passwordPolicy.setMinLength(minLength);
289         passwordPolicy.setHistory(history);
290         passwordPolicy.setHistoryCount(historyCount);
291         passwordPolicy.setExpireable(expireable);
292         passwordPolicy.setMaxAge(maxAge);
293         passwordPolicy.setWarningTime(warningTime);
294         passwordPolicy.setGraceLimit(graceLimit);
295         passwordPolicy.setLockout(lockout);
296         passwordPolicy.setMaxFailure(maxFailure);
297         passwordPolicy.setLockoutDuration(lockoutDuration);
298         passwordPolicy.setRequireUnlock(lockoutDuration == 0);
299         passwordPolicy.setResetFailureCount(resetFailureCount);
300 
301         PasswordPolicyUtil.update(passwordPolicy);
302 
303         return passwordPolicy;
304     }
305 
306     protected void validate(long passwordPolicyId, long companyId, String name)
307         throws PortalException, SystemException {
308 
309         if ((Validator.isNull(name)) || (Validator.isNumber(name)) ||
310             (name.indexOf(StringPool.COMMA) != -1) ||
311             (name.indexOf(StringPool.STAR) != -1)) {
312 
313             throw new PasswordPolicyNameException();
314         }
315 
316         try {
317             PasswordPolicy passwordPolicy =
318                 PasswordPolicyUtil.findByC_N(companyId, name);
319 
320             if ((passwordPolicyId <= 0) ||
321                 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
322 
323                 throw new DuplicatePasswordPolicyException();
324             }
325         }
326         catch (NoSuchPasswordPolicyException nsge) {
327         }
328     }
329 
330 }