1   /**
2    * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portlet.enterpriseadmin.action;
24  
25  import com.liferay.portal.kernel.util.Constants;
26  import com.liferay.portal.kernel.util.ParamUtil;
27  import com.liferay.portal.kernel.util.Validator;
28  import com.liferay.portal.model.Company;
29  import com.liferay.portal.model.impl.RoleImpl;
30  import com.liferay.portal.security.auth.PrincipalException;
31  import com.liferay.portal.security.ldap.PortalLDAPUtil;
32  import com.liferay.portal.service.CompanyServiceUtil;
33  import com.liferay.portal.service.RoleLocalServiceUtil;
34  import com.liferay.portal.servlet.filters.sso.cas.CASFilter;
35  import com.liferay.portal.struts.PortletAction;
36  import com.liferay.portal.util.PortalUtil;
37  import com.liferay.portal.util.PrefsPropsUtil;
38  import com.liferay.portal.util.PropsUtil;
39  import com.liferay.util.ldap.LDAPUtil;
40  import com.liferay.util.servlet.SessionErrors;
41  
42  import javax.portlet.ActionRequest;
43  import javax.portlet.ActionResponse;
44  import javax.portlet.PortletConfig;
45  import javax.portlet.PortletPreferences;
46  
47  import org.apache.struts.action.ActionForm;
48  import org.apache.struts.action.ActionMapping;
49  
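/**
 * <a href="EditSettingsAction.java.html"><b><i>View Source</i></b></a>
 *
 * <p>
 * Applies the settings forms of the enterprise admin portlet (CAS, LDAP, NTLM,
 * OpenID, OpenSSO, e-mail templates, default groups and roles, reserved users
 * and company security options) to the company's portal preferences.
 * </p>
 *
 * <p>
 * Every command handled here changes how users authenticate or are
 * provisioned, so {@link #processAction} rejects callers that do not hold the
 * Administrator role before any parameter is read. No anti-forgery token check
 * is visible in this class. NOTE(review): confirm that the portal enforces one
 * upstream for this action.
 * </p>
 *
 * @author Brian Wing Shun Chan
 * @author Scott Lee
 *
 */
public class EditSettingsAction extends PortletAction {

    /**
     * Authorizes the caller, dispatches on the <code>Constants.CMD</code>
     * request parameter and persists the resulting preferences.
     *
     * @param mapping the Struts action mapping (not used here)
     * @param form the Struts form bean (not used here)
     * @param config the portlet configuration (not used here)
     * @param req the action request carrying the submitted settings
     * @param res the action response used for the redirect on success
     * @throws Exception if a service or preference call fails
     */
    public void processAction(
            ActionMapping mapping, ActionForm form, PortletConfig config,
            ActionRequest req, ActionResponse res)
        throws Exception {

        long companyId = PortalUtil.getCompanyId(req);
        long userId = PortalUtil.getUserId(req);

        // Authorization gate: nothing below runs for a caller without the
        // Administrator role. The trailing "true" is passed through as in
        // the original call; presumably it includes inherited roles
        // (TODO confirm against RoleLocalServiceUtil).

        if (!RoleLocalServiceUtil.hasUserRole(
                userId, companyId, RoleImpl.ADMINISTRATOR, true)) {

            SessionErrors.add(req, PrincipalException.class.getName());

            setForward(req, "portlet.enterprise_admin.error");

            return;
        }

        PortletPreferences prefs = PrefsPropsUtil.getPreferences(companyId);

        String cmd = ParamUtil.getString(req, Constants.CMD);

        // A command that matches none of the branches changes nothing; the
        // unchanged preferences are still stored and the request redirected.

        if (cmd.equals("updateCAS")) {
            updateCAS(req, companyId, prefs);
        }
        else if (cmd.equals("updateDefaultGroupsAndRoles")) {
            updateDefaultGroupsAndRoles(req, prefs);
        }
        else if (cmd.equals("updateEmails")) {
            updateEmails(req, prefs);
        }
        else if (cmd.equals("updateLdap")) {
            updateLdap(req, companyId, prefs);
        }
        else if (cmd.equals("updateMailHostNames")) {
            updateMailHostNames(req, prefs);
        }
        else if (cmd.equals("updateNtlm")) {
            updateNtlm(req, companyId, prefs);
        }
        else if (cmd.equals("updateOpenId")) {
            updateOpenId(req, prefs);
        }
        else if (cmd.equals("updateOpenSSO")) {
            updateOpenSSO(req, companyId, prefs);
        }
        else if (cmd.equals("updateReservedUsers")) {
            updateReservedUsers(req, prefs);
        }
        else if (cmd.equals("updateSecurity")) {
            updateSecurity(req);
        }

        if (SessionErrors.isEmpty(req)) {

            // updateLdap stores the preferences itself and updateSecurity
            // does not touch them. The CAS, NTLM, OpenID and OpenSSO handlers
            // also store on their own, so for those commands this is a
            // second, redundant store of the same values.

            if (!cmd.equals("updateLdap") && !cmd.equals("updateSecurity")) {
                prefs.store();
            }

            sendRedirect(req, res);
        }
        else {
            setForward(req, "portlet.enterprise_admin.view");
        }
    }

    /**
     * Saves the CAS single sign-on settings and reloads the CAS filter for the
     * company.
     *
     * <p>
     * The URLs and server name are stored exactly as submitted; this method
     * performs no format or scheme validation on them.
     * </p>
     *
     * @param req the action request carrying the CAS form fields
     * @param companyId the company whose CAS filter is reloaded
     * @param prefs the company preferences to update
     * @throws Exception if the preferences cannot be stored or the filter
     *         cannot be reloaded
     */
    protected void updateCAS(
            ActionRequest req, long companyId, PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(req, "enabled");
        boolean importFromLdap = ParamUtil.getBoolean(req, "importFromLdap");
        String loginUrl = ParamUtil.getString(req, "loginUrl");
        String logoutUrl = ParamUtil.getString(req, "logoutUrl");
        String serverName = ParamUtil.getString(req, "serverName");
        String serviceUrl = ParamUtil.getString(req, "serviceUrl");
        String validateUrl = ParamUtil.getString(req, "validateUrl");

        prefs.setValue(
            PropsUtil.CAS_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(
            PropsUtil.CAS_IMPORT_FROM_LDAP, String.valueOf(importFromLdap));
        prefs.setValue(PropsUtil.CAS_LOGIN_URL, loginUrl);
        prefs.setValue(PropsUtil.CAS_LOGOUT_URL, logoutUrl);
        prefs.setValue(PropsUtil.CAS_SERVER_NAME, serverName);
        prefs.setValue(PropsUtil.CAS_SERVICE_URL, serviceUrl);
        prefs.setValue(PropsUtil.CAS_VALIDATE_URL, validateUrl);

        // Store before the reload; presumably the filter re-reads the
        // persisted values (TODO confirm in CASFilter).

        prefs.store();

        CASFilter.reload(companyId);
    }

    /**
     * Copies the default group, role and user group names from the request
     * into the preferences. The values are not validated here and the caller
     * is responsible for storing the preferences.
     *
     * @param req the action request carrying the name lists
     * @param prefs the company preferences to update
     * @throws Exception if a preference cannot be set
     */
    protected void updateDefaultGroupsAndRoles(
            ActionRequest req, PortletPreferences prefs)
        throws Exception {

        String defaultGroupNames = ParamUtil.getString(
            req, "defaultGroupNames");
        String defaultRoleNames = ParamUtil.getString(req, "defaultRoleNames");
        String defaultUserGroupNames = ParamUtil.getString(
            req, "defaultUserGroupNames");

        prefs.setValue(PropsUtil.ADMIN_DEFAULT_GROUP_NAMES, defaultGroupNames);
        prefs.setValue(PropsUtil.ADMIN_DEFAULT_ROLE_NAMES, defaultRoleNames);
        prefs.setValue(
            PropsUtil.ADMIN_DEFAULT_USER_GROUP_NAMES, defaultUserGroupNames);
    }

    /**
     * Updates one of the three e-mail settings tabs, selected by the
     * <code>tabs3</code> parameter: the account-created template, the
     * password-changed template, or (any other value) the sender name and
     * address.
     *
     * <p>
     * Validation stops at the first failing field, records its name in
     * {@link SessionErrors} and leaves the preferences of that tab untouched.
     * </p>
     *
     * @param req the action request carrying the e-mail form fields
     * @param prefs the company preferences to update
     * @throws Exception if a preference cannot be set
     */
    protected void updateEmails(
            ActionRequest req, PortletPreferences prefs)
        throws Exception {

        String tabs3 = ParamUtil.getString(req, "tabs3");

        if (tabs3.equals("account-created-notification")) {
            String emailUserAddedEnabled = ParamUtil.getString(
                req, "emailUserAddedEnabled");
            String emailUserAddedSubject = ParamUtil.getString(
                req, "emailUserAddedSubject");
            String emailUserAddedBody = ParamUtil.getString(
                req, "emailUserAddedBody");

            if (Validator.isNull(emailUserAddedSubject)) {
                SessionErrors.add(req, "emailUserAddedSubject");
            }
            else if (Validator.isNull(emailUserAddedBody)) {
                SessionErrors.add(req, "emailUserAddedBody");
            }
            else {
                prefs.setValue(
                    PropsUtil.ADMIN_EMAIL_USER_ADDED_ENABLED,
                    emailUserAddedEnabled);
                prefs.setValue(
                    PropsUtil.ADMIN_EMAIL_USER_ADDED_SUBJECT,
                    emailUserAddedSubject);
                prefs.setValue(
                    PropsUtil.ADMIN_EMAIL_USER_ADDED_BODY, emailUserAddedBody);
            }
        }
        else if (tabs3.equals("password-changed-notification")) {
            String emailPasswordSentEnabled = ParamUtil.getString(
                req, "emailPasswordSentEnabled");
            String emailPasswordSentSubject = ParamUtil.getString(
                req, "emailPasswordSentSubject");
            String emailPasswordSentBody = ParamUtil.getString(
                req, "emailPasswordSentBody");

            if (Validator.isNull(emailPasswordSentSubject)) {
                SessionErrors.add(req, "emailPasswordSentSubject");
            }
            else if (Validator.isNull(emailPasswordSentBody)) {
                SessionErrors.add(req, "emailPasswordSentBody");
            }
            else {
                prefs.setValue(
                    PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_ENABLED,
                    emailPasswordSentEnabled);
                prefs.setValue(
                    PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_SUBJECT,
                    emailPasswordSentSubject);
                prefs.setValue(
                    PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_BODY,
                    emailPasswordSentBody);
            }
        }
        else {
            String emailFromName = ParamUtil.getString(req, "emailFromName");
            String emailFromAddress = ParamUtil.getString(
                req, "emailFromAddress");

            // Only the address is checked for format; the display name is
            // merely required to be non-empty.

            if (Validator.isNull(emailFromName)) {
                SessionErrors.add(req, "emailFromName");
            }
            else if (!Validator.isEmailAddress(emailFromAddress)) {
                SessionErrors.add(req, "emailFromAddress");
            }
            else {
                prefs.setValue(PropsUtil.ADMIN_EMAIL_FROM_NAME, emailFromName);
                prefs.setValue(
                    PropsUtil.ADMIN_EMAIL_FROM_ADDRESS, emailFromAddress);
            }
        }
    }

    /**
     * Validates and saves the LDAP connection, mapping, import and export
     * settings.
     *
     * <p>
     * When LDAP is being enabled, a context is requested from the submitted
     * server with the submitted principal and credentials. Any failure adds
     * the <code>ldapAuthentication</code> session error and returns without
     * saving. The user and group mappings are assembled into newline-separated
     * <code>key=value</code> text, so line breaks are removed from each
     * submitted mapping value to keep a value from adding or overriding
     * another mapping line.
     * </p>
     *
     * <p>
     * The bind credentials are written to the preferences exactly as
     * submitted. Whether the preference store protects them at rest is not
     * visible from this class.
     * </p>
     *
     * @param req the action request carrying the LDAP form fields
     * @param companyId the company used for the connection test
     * @param prefs the company preferences to update and store
     * @throws Exception if the preferences cannot be set or stored
     */
    protected void updateLdap(
            ActionRequest req, long companyId, PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(req, "enabled");
        boolean required = ParamUtil.getBoolean(req, "required");
        String baseProviderURL = ParamUtil.getString(req, "baseProviderURL");
        String baseDN = ParamUtil.getString(req, "baseDN");
        String principal = ParamUtil.getString(req, "principal");
        String credentials = ParamUtil.getString(req, "credentials");
        String searchFilter = ParamUtil.getString(req, "searchFilter");
        String userDefaultObjectClasses = ParamUtil.getString(
            req, "userDefaultObjectClasses");

        // Each mapping is one "key=value" line; the values go through
        // getMappingParam so that a CR or LF inside a field cannot start a
        // new line in the stored text.

        String userMappings =
            "screenName=" + getMappingParam(req, "userMappingScreenName") +
            "\npassword=" + getMappingParam(req, "userMappingPassword") +
            "\nemailAddress=" +
                getMappingParam(req, "userMappingEmailAddress") +
            "\nfullName=" + getMappingParam(req, "userMappingFullName") +
            "\nfirstName=" + getMappingParam(req, "userMappingFirstName") +
            "\nlastName=" + getMappingParam(req, "userMappingLastName") +
            "\njobTitle=" + getMappingParam(req, "userMappingJobTitle") +
            "\ngroup=" + getMappingParam(req, "userMappingGroup");

        String groupMappings =
            "groupName=" + getMappingParam(req, "groupMappingGroupName") +
            "\ndescription=" +
                getMappingParam(req, "groupMappingDescription") +
            "\nuser=" + getMappingParam(req, "groupMappingUser");

        boolean importEnabled = ParamUtil.getBoolean(req, "importEnabled");
        boolean importOnStartup = ParamUtil.getBoolean(req, "importOnStartup");
        long importInterval = ParamUtil.getLong(req, "importInterval");
        String importUserSearchFilter = ParamUtil.getString(
            req, "importUserSearchFilter");
        String importGroupSearchFilter = ParamUtil.getString(
            req, "importGroupSearchFilter");
        boolean exportEnabled = ParamUtil.getBoolean(req, "exportEnabled");
        String usersDN = ParamUtil.getString(req, "usersDN");
        String groupsDN = ParamUtil.getString(req, "groupsDN");
        boolean passwordPolicyEnabled = ParamUtil.getBoolean(
            req, "passwordPolicyEnabled");

        try {
            if (enabled) {
                String fullProviderURL = LDAPUtil.getFullProviderURL(
                    baseProviderURL, baseDN);

                // Connection test against the submitted server.
                // NOTE(review): the returned context is discarded; if it is a
                // live JNDI context it should be closed after the check.

                PortalLDAPUtil.getContext(
                    companyId, fullProviderURL, principal, credentials);
            }
        }
        catch (Exception e) {

            // The cause is dropped and only a generic error reaches the
            // form. No logger is in scope in this class. NOTE(review): if one
            // is added, log the exception but never the credentials.

            SessionErrors.add(req, "ldapAuthentication");

            return;
        }

        prefs.setValue(PropsUtil.LDAP_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(PropsUtil.LDAP_AUTH_REQUIRED, String.valueOf(required));
        prefs.setValue(PropsUtil.LDAP_BASE_PROVIDER_URL, baseProviderURL);
        prefs.setValue(PropsUtil.LDAP_BASE_DN, baseDN);
        prefs.setValue(PropsUtil.LDAP_SECURITY_PRINCIPAL, principal);
        prefs.setValue(PropsUtil.LDAP_SECURITY_CREDENTIALS, credentials);
        prefs.setValue(PropsUtil.LDAP_AUTH_SEARCH_FILTER, searchFilter);
        prefs.setValue(
            PropsUtil.LDAP_USER_DEFAULT_OBJECT_CLASSES,
            userDefaultObjectClasses);
        prefs.setValue(PropsUtil.LDAP_USER_MAPPINGS, userMappings);
        prefs.setValue(PropsUtil.LDAP_GROUP_MAPPINGS, groupMappings);
        prefs.setValue(
            PropsUtil.LDAP_IMPORT_ENABLED, String.valueOf(importEnabled));
        prefs.setValue(
            PropsUtil.LDAP_IMPORT_ON_STARTUP, String.valueOf(importOnStartup));
        prefs.setValue(
            PropsUtil.LDAP_IMPORT_INTERVAL, String.valueOf(importInterval));
        prefs.setValue(
            PropsUtil.LDAP_IMPORT_USER_SEARCH_FILTER, importUserSearchFilter);
        prefs.setValue(
            PropsUtil.LDAP_IMPORT_GROUP_SEARCH_FILTER, importGroupSearchFilter);
        prefs.setValue(
            PropsUtil.LDAP_EXPORT_ENABLED, String.valueOf(exportEnabled));
        prefs.setValue(PropsUtil.LDAP_USERS_DN, usersDN);
        prefs.setValue(PropsUtil.LDAP_GROUPS_DN, groupsDN);
        prefs.setValue(
            PropsUtil.LDAP_PASSWORD_POLICY_ENABLED,
            String.valueOf(passwordPolicyEnabled));

        prefs.store();
    }

    /**
     * Copies the mail host names from the request into the preferences. The
     * value is not validated here and the caller is responsible for storing
     * the preferences.
     *
     * @param req the action request carrying <code>mailHostNames</code>
     * @param prefs the company preferences to update
     * @throws Exception if the preference cannot be set
     */
    protected void updateMailHostNames(
            ActionRequest req, PortletPreferences prefs)
        throws Exception {

        String mailHostNames = ParamUtil.getString(req, "mailHostNames");

        prefs.setValue(PropsUtil.ADMIN_MAIL_HOST_NAMES, mailHostNames);
    }

    /**
     * Saves the NTLM settings. The domain controller and domain are stored as
     * submitted, without validation.
     *
     * @param req the action request carrying the NTLM form fields
     * @param companyId the company id (not used by this method)
     * @param prefs the company preferences to update and store
     * @throws Exception if the preferences cannot be set or stored
     */
    protected void updateNtlm(
            ActionRequest req, long companyId, PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(req, "enabled");
        String domainController = ParamUtil.getString(req, "domainController");
        String domain = ParamUtil.getString(req, "domain");

        prefs.setValue(
            PropsUtil.NTLM_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(PropsUtil.NTLM_DOMAIN_CONTROLLER, domainController);
        prefs.setValue(PropsUtil.NTLM_DOMAIN, domain);

        prefs.store();
    }

    /**
     * Saves whether OpenID authentication is enabled.
     *
     * @param req the action request carrying the <code>enabled</code> flag
     * @param prefs the company preferences to update and store
     * @throws Exception if the preference cannot be set or stored
     */
    protected void updateOpenId(ActionRequest req, PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(req, "enabled");

        prefs.setValue(PropsUtil.OPEN_ID_AUTH_ENABLED, String.valueOf(enabled));

        prefs.store();
    }

    /**
     * Saves the OpenSSO settings. The URLs and the subject cookie name are
     * stored as submitted, without format or scheme validation.
     *
     * @param req the action request carrying the OpenSSO form fields
     * @param companyId the company id (not used by this method)
     * @param prefs the company preferences to update and store
     * @throws Exception if the preferences cannot be set or stored
     */
    protected void updateOpenSSO(
            ActionRequest req, long companyId, PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(req, "enabled");
        String loginUrl = ParamUtil.getString(req, "loginUrl");
        String logoutUrl = ParamUtil.getString(req, "logoutUrl");
        String serviceUrl = ParamUtil.getString(req, "serviceUrl");
        String subjectCookieName = ParamUtil.getString(
            req, "subjectCookieName");

        prefs.setValue(
            PropsUtil.OPEN_SSO_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(PropsUtil.OPEN_SSO_LOGIN_URL, loginUrl);
        prefs.setValue(PropsUtil.OPEN_SSO_LOGOUT_URL, logoutUrl);
        prefs.setValue(PropsUtil.OPEN_SSO_SERVICE_URL, serviceUrl);
        prefs.setValue(
            PropsUtil.OPEN_SSO_SUBJECT_COOKIE_NAME, subjectCookieName);

        prefs.store();
    }

    /**
     * Copies the reserved screen names and e-mail addresses from the request
     * into the preferences. The caller is responsible for storing the
     * preferences.
     *
     * @param req the action request carrying the reserved lists
     * @param prefs the company preferences to update
     * @throws Exception if a preference cannot be set
     */
    protected void updateReservedUsers(
            ActionRequest req, PortletPreferences prefs)
        throws Exception {

        String reservedScreenNames = ParamUtil.getString(
            req, "reservedScreenNames");
        String reservedEmailAddresses = ParamUtil.getString(
            req, "reservedEmailAddresses");

        prefs.setValue(
            PropsUtil.ADMIN_RESERVED_SCREEN_NAMES, reservedScreenNames);
        prefs.setValue(
            PropsUtil.ADMIN_RESERVED_EMAIL_ADDRESSES, reservedEmailAddresses);
    }

    /**
     * Updates the company-level security options through
     * {@link CompanyServiceUtil#updateSecurity}. The submitted
     * <code>authType</code> is passed on unchecked, and the company's current
     * community logo flag is passed back unchanged.
     *
     * @param req the action request carrying the security form fields
     * @throws Exception if the company cannot be resolved or updated
     */
    protected void updateSecurity(ActionRequest req) throws Exception {
        Company company = PortalUtil.getCompany(req);

        String authType = ParamUtil.getString(req, "authType");
        boolean autoLogin = ParamUtil.getBoolean(req, "autoLogin");
        boolean sendPassword = ParamUtil.getBoolean(req, "sendPassword");
        boolean strangers = ParamUtil.getBoolean(req, "strangers");
        boolean strangersWithMx = ParamUtil.getBoolean(req, "strangersWithMx");
        boolean strangersVerify = ParamUtil.getBoolean(req, "strangersVerify");

        CompanyServiceUtil.updateSecurity(
            company.getCompanyId(), authType, autoLogin, sendPassword,
            strangers, strangersWithMx, strangersVerify,
            company.isCommunityLogo());
    }

    /**
     * Reads one LDAP mapping field from the request and removes any line
     * breaks from it.
     *
     * @param req the action request
     * @param name the request parameter name
     * @return the parameter value without CR or LF characters
     */
    private static String getMappingParam(ActionRequest req, String name) {
        return stripLineBreaks(ParamUtil.getString(req, name));
    }

    /**
     * Removes carriage returns and line feeds from a value that will be
     * embedded in newline-delimited text.
     *
     * @param value the raw value, may be <code>null</code>
     * @return the value without CR or LF characters, or <code>null</code> if
     *         the input was <code>null</code>
     */
    private static String stripLineBreaks(String value) {
        if (value == null) {
            return value;
        }

        return value.replace("\r", "").replace("\n", "");
    }

}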