23 package com.liferay.portlet.enterpriseadmin.action;
24
25 import com.liferay.portal.kernel.util.Constants;
26 import com.liferay.portal.kernel.util.ParamUtil;
27 import com.liferay.portal.kernel.util.Validator;
28 import com.liferay.portal.model.Company;
29 import com.liferay.portal.model.impl.RoleImpl;
30 import com.liferay.portal.security.auth.PrincipalException;
31 import com.liferay.portal.security.ldap.PortalLDAPUtil;
32 import com.liferay.portal.service.CompanyServiceUtil;
33 import com.liferay.portal.service.RoleLocalServiceUtil;
34 import com.liferay.portal.servlet.filters.sso.cas.CASFilter;
35 import com.liferay.portal.struts.PortletAction;
36 import com.liferay.portal.util.PortalUtil;
37 import com.liferay.portal.util.PrefsPropsUtil;
38 import com.liferay.portal.util.PropsUtil;
39 import com.liferay.util.ldap.LDAPUtil;
40 import com.liferay.util.servlet.SessionErrors;
41
42 import javax.portlet.ActionRequest;
43 import javax.portlet.ActionResponse;
44 import javax.portlet.PortletConfig;
45 import javax.portlet.PortletPreferences;
46
47 import org.apache.struts.action.ActionForm;
48 import org.apache.struts.action.ActionMapping;
49
50
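/**
 * Struts portlet action behind the Enterprise Admin settings forms.
 *
 * <p>
 * {@link #processAction} is the single entry point. It dispatches on the
 * command parameter (<code>Constants.CMD</code>) to one <code>update*</code>
 * helper per settings form. Each helper copies request parameters into the
 * company's portal preferences or, for the security form, passes them to
 * <code>CompanyServiceUtil</code>.
 * </p>
 *
 * <p>
 * The values written here configure CAS, LDAP, NTLM, OpenID and OpenSSO
 * sign-on plus account e-mail templates. The Administrator role check at the
 * top of <code>processAction</code> is the only access control visible in
 * this class. The <code>update*</code> helpers perform no check of their own,
 * so anything that calls them directly must have authorized the caller first.
 * </p>
 */
public class EditSettingsAction extends PortletAction {

    /**
     * Applies one settings update for the company the request belongs to.
     *
     * <p>
     * A user without the Administrator role gets a
     * <code>PrincipalException</code> session error and is forwarded to the
     * error page before any setting is read or written.
     * </p>
     *
     * @param  mapping the Struts action mapping (not used here)
     * @param  form the Struts form bean (not used here)
     * @param  config the portlet configuration (not used here)
     * @param  req the action request carrying the command and form fields
     * @param  res the action response used for the success redirect
     * @throws Exception if a helper or the preference store fails
     */
    public void processAction(
            ActionMapping mapping, ActionForm form, PortletConfig config,
            ActionRequest req, ActionResponse res)
        throws Exception {

        long companyId = PortalUtil.getCompanyId(req);
        long userId = PortalUtil.getUserId(req);

        // Authorization gate: nothing below may run for a non-administrator.
        // NOTE(review): the final "true" presumably includes inherited roles;
        // confirm against RoleLocalServiceUtil.hasUserRole.

        if (!RoleLocalServiceUtil.hasUserRole(
                userId, companyId, RoleImpl.ADMINISTRATOR, true)) {

            SessionErrors.add(req, PrincipalException.class.getName());

            setForward(req, "portlet.enterprise_admin.error");

            return;
        }

        // NOTE(review): no request-forgery token check is visible in this
        // method. Every command below changes authentication settings, so
        // confirm that the portal or PortletAction enforces one before this
        // action is reached.

        PortletPreferences prefs = PrefsPropsUtil.getPreferences(companyId);

        String cmd = ParamUtil.getString(req, Constants.CMD);

        if (cmd.equals("updateCAS")) {
            updateCAS(req, companyId, prefs);
        }
        else if (cmd.equals("updateDefaultGroupsAndRoles")) {
            updateDefaultGroupsAndRoles(req, prefs);
        }
        else if (cmd.equals("updateEmails")) {
            updateEmails(req, prefs);
        }
        else if (cmd.equals("updateLdap")) {
            updateLdap(req, companyId, prefs);
        }
        else if (cmd.equals("updateMailHostNames")) {
            updateMailHostNames(req, prefs);
        }
        else if (cmd.equals("updateNtlm")) {
            updateNtlm(req, companyId, prefs);
        }
        else if (cmd.equals("updateOpenId")) {
            updateOpenId(req, prefs);
        }
        else if (cmd.equals("updateOpenSSO")) {
            updateOpenSSO(req, companyId, prefs);
        }
        else if (cmd.equals("updateReservedUsers")) {
            updateReservedUsers(req, prefs);
        }
        else if (cmd.equals("updateSecurity")) {
            updateSecurity(req);
        }

        // An unrecognized command falls through: no helper runs, the
        // unchanged preferences are stored and the request is redirected.

        if (SessionErrors.isEmpty(req)) {

            // updateLdap stores its own preferences and updateSecurity never
            // touches prefs, so both are skipped. updateCAS, updateNtlm,
            // updateOpenId and updateOpenSSO also store inside the helper, so
            // for those commands store() runs a second time here.

            if (!cmd.equals("updateLdap") && !cmd.equals("updateSecurity")) {
                prefs.store();
            }

            sendRedirect(req, res);
        }
        else {
            setForward(req, "portlet.enterprise_admin.view");
        }
    }

    /**
     * Saves the CAS single sign-on settings and reloads the CAS filter.
     *
     * <p>
     * The preferences are stored before <code>CASFilter.reload</code> is
     * called.
     * </p>
     *
     * @param  req the request carrying the CAS form fields
     * @param  companyId the company whose CAS filter is reloaded
     * @param  prefs the company preferences to update and store
     * @throws Exception if storing the preferences or the reload fails
     */
    protected void updateCAS(
            ActionRequest req, long companyId, PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(req, "enabled");
        boolean importFromLdap = ParamUtil.getBoolean(req, "importFromLdap");
        String loginUrl = ParamUtil.getString(req, "loginUrl");
        String logoutUrl = ParamUtil.getString(req, "logoutUrl");
        String serverName = ParamUtil.getString(req, "serverName");
        String serviceUrl = ParamUtil.getString(req, "serviceUrl");
        String validateUrl = ParamUtil.getString(req, "validateUrl");

        // NOTE(review): the URLs and server name are stored exactly as
        // submitted. They presumably decide where sign-in is redirected and
        // where tickets are validated; nothing here checks scheme or host, so
        // confirm they are validated elsewhere (an https requirement at
        // least).

        prefs.setValue(
            PropsUtil.CAS_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(
            PropsUtil.CAS_IMPORT_FROM_LDAP, String.valueOf(importFromLdap));
        prefs.setValue(PropsUtil.CAS_LOGIN_URL, loginUrl);
        prefs.setValue(PropsUtil.CAS_LOGOUT_URL, logoutUrl);
        prefs.setValue(PropsUtil.CAS_SERVER_NAME, serverName);
        prefs.setValue(PropsUtil.CAS_SERVICE_URL, serviceUrl);
        prefs.setValue(PropsUtil.CAS_VALIDATE_URL, validateUrl);

        prefs.store();

        CASFilter.reload(companyId);
    }

    /**
     * Copies the default group, role and user group names into the
     * preferences. The caller is responsible for storing them.
     *
     * @param  req the request carrying the three name lists
     * @param  prefs the company preferences to update
     * @throws Exception if a preference cannot be set
     */
    protected void updateDefaultGroupsAndRoles(
            ActionRequest req, PortletPreferences prefs)
        throws Exception {

        String defaultGroupNames = ParamUtil.getString(
            req, "defaultGroupNames");
        String defaultRoleNames = ParamUtil.getString(req, "defaultRoleNames");
        String defaultUserGroupNames = ParamUtil.getString(
            req, "defaultUserGroupNames");

        // NOTE(review): judging by the preference names, these lists are
        // applied to accounts by default, so a role name added here would be
        // granted broadly. Confirm the names are checked where they are
        // consumed.

        prefs.setValue(PropsUtil.ADMIN_DEFAULT_GROUP_NAMES, defaultGroupNames);
        prefs.setValue(PropsUtil.ADMIN_DEFAULT_ROLE_NAMES, defaultRoleNames);
        prefs.setValue(
            PropsUtil.ADMIN_DEFAULT_USER_GROUP_NAMES, defaultUserGroupNames);
    }

    /**
     * Updates one of the three e-mail settings forms, chosen by the
     * <code>tabs3</code> parameter: the account-created notification, the
     * password-changed notification, or (any other value) the sender name and
     * address.
     *
     * <p>
     * A validation failure adds a session error named after the offending
     * field and leaves the preferences of that form untouched. The caller is
     * responsible for storing the preferences.
     * </p>
     *
     * @param  req the request carrying the e-mail form fields
     * @param  prefs the company preferences to update
     * @throws Exception if a preference cannot be set
     */
    protected void updateEmails(
            ActionRequest req, PortletPreferences prefs)
        throws Exception {

        String tabs3 = ParamUtil.getString(req, "tabs3");

        if (tabs3.equals("account-created-notification")) {

            // The "enabled" flag is read and stored as a raw string, unlike
            // the boolean flags of the other forms.

            String emailUserAddedEnabled = ParamUtil.getString(
                req, "emailUserAddedEnabled");
            String emailUserAddedSubject = ParamUtil.getString(
                req, "emailUserAddedSubject");
            String emailUserAddedBody = ParamUtil.getString(
                req, "emailUserAddedBody");

            if (Validator.isNull(emailUserAddedSubject)) {
                SessionErrors.add(req, "emailUserAddedSubject");
            }
            else if (Validator.isNull(emailUserAddedBody)) {
                SessionErrors.add(req, "emailUserAddedBody");
            }
            else {
                prefs.setValue(
                    PropsUtil.ADMIN_EMAIL_USER_ADDED_ENABLED,
                    emailUserAddedEnabled);
                prefs.setValue(
                    PropsUtil.ADMIN_EMAIL_USER_ADDED_SUBJECT,
                    emailUserAddedSubject);
                prefs.setValue(
                    PropsUtil.ADMIN_EMAIL_USER_ADDED_BODY, emailUserAddedBody);
            }
        }
        else if (tabs3.equals("password-changed-notification")) {
            String emailPasswordSentEnabled = ParamUtil.getString(
                req, "emailPasswordSentEnabled");
            String emailPasswordSentSubject = ParamUtil.getString(
                req, "emailPasswordSentSubject");
            String emailPasswordSentBody = ParamUtil.getString(
                req, "emailPasswordSentBody");

            if (Validator.isNull(emailPasswordSentSubject)) {
                SessionErrors.add(req, "emailPasswordSentSubject");
            }
            else if (Validator.isNull(emailPasswordSentBody)) {
                SessionErrors.add(req, "emailPasswordSentBody");
            }
            else {
                prefs.setValue(
                    PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_ENABLED,
                    emailPasswordSentEnabled);
                prefs.setValue(
                    PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_SUBJECT,
                    emailPasswordSentSubject);
                prefs.setValue(
                    PropsUtil.ADMIN_EMAIL_PASSWORD_SENT_BODY,
                    emailPasswordSentBody);
            }
        }
        else {
            String emailFromName = ParamUtil.getString(req, "emailFromName");
            String emailFromAddress = ParamUtil.getString(
                req, "emailFromAddress");

            if (Validator.isNull(emailFromName)) {
                SessionErrors.add(req, "emailFromName");
            }
            else if (!Validator.isEmailAddress(emailFromAddress)) {
                SessionErrors.add(req, "emailFromAddress");
            }
            else {
                prefs.setValue(PropsUtil.ADMIN_EMAIL_FROM_NAME, emailFromName);
                prefs.setValue(
                    PropsUtil.ADMIN_EMAIL_FROM_ADDRESS, emailFromAddress);
            }
        }
    }

    /**
     * Saves the LDAP connection, mapping, import and export settings.
     *
     * <p>
     * When LDAP is being enabled, a context is first requested with the
     * submitted URL, principal and credentials. If that throws, the session
     * error <code>ldapAuthentication</code> is added and nothing is saved.
     * When LDAP is being disabled, the settings are stored without that test.
     * </p>
     *
     * <p>
     * The user and group attribute mappings are serialized as one
     * <code>key=value</code> pair per line. Line breaks are removed from each
     * submitted mapping value so that a field can only ever fill its own
     * line.
     * </p>
     *
     * @param  req the request carrying the LDAP form fields
     * @param  companyId the company used for the connection test
     * @param  prefs the company preferences to update and store
     * @throws Exception if a preference cannot be set or stored
     */
    protected void updateLdap(
            ActionRequest req, long companyId, PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(req, "enabled");
        boolean required = ParamUtil.getBoolean(req, "required");
        String baseProviderURL = ParamUtil.getString(req, "baseProviderURL");
        String baseDN = ParamUtil.getString(req, "baseDN");
        String principal = ParamUtil.getString(req, "principal");
        String credentials = ParamUtil.getString(req, "credentials");
        String searchFilter = ParamUtil.getString(req, "searchFilter");
        String userDefaultObjectClasses = ParamUtil.getString(
            req, "userDefaultObjectClasses");

        // The mapping blobs are line-delimited, so each value is stripped of
        // CR/LF before it is concatenated. Otherwise one form field could
        // carry an extra "key=value" line and add or override a mapping the
        // form never exposed.

        String userMappings =
            "screenName=" + getMappingValue(req, "userMappingScreenName") +
            "\npassword=" + getMappingValue(req, "userMappingPassword") +
            "\nemailAddress=" +
                getMappingValue(req, "userMappingEmailAddress") +
            "\nfullName=" + getMappingValue(req, "userMappingFullName") +
            "\nfirstName=" + getMappingValue(req, "userMappingFirstName") +
            "\nlastName=" + getMappingValue(req, "userMappingLastName") +
            "\njobTitle=" + getMappingValue(req, "userMappingJobTitle") +
            "\ngroup=" + getMappingValue(req, "userMappingGroup");

        String groupMappings =
            "groupName=" + getMappingValue(req, "groupMappingGroupName") +
            "\ndescription=" +
                getMappingValue(req, "groupMappingDescription") +
            "\nuser=" + getMappingValue(req, "groupMappingUser");

        boolean importEnabled = ParamUtil.getBoolean(req, "importEnabled");
        boolean importOnStartup = ParamUtil.getBoolean(req, "importOnStartup");
        long importInterval = ParamUtil.getLong(req, "importInterval");
        String importUserSearchFilter = ParamUtil.getString(
            req, "importUserSearchFilter");
        String importGroupSearchFilter = ParamUtil.getString(
            req, "importGroupSearchFilter");
        boolean exportEnabled = ParamUtil.getBoolean(req, "exportEnabled");
        String usersDN = ParamUtil.getString(req, "usersDN");
        String groupsDN = ParamUtil.getString(req, "groupsDN");
        boolean passwordPolicyEnabled = ParamUtil.getBoolean(
            req, "passwordPolicyEnabled");

        try {
            if (enabled) {
                String fullProviderURL = LDAPUtil.getFullProviderURL(
                    baseProviderURL, baseDN);

                // NOTE(review): the value returned by getContext is
                // discarded. If it is a live directory connection it is never
                // closed here; confirm and close it. Also confirm that
                // getContext throws on a failed bind rather than returning
                // null, otherwise this test never rejects anything.

                PortalLDAPUtil.getContext(
                    companyId, fullProviderURL, principal, credentials);
            }
        }
        catch (Exception e) {

            // The cause is dropped: the administrator only sees the generic
            // error and nothing is logged here. NOTE(review): consider
            // logging e for troubleshooting, without the credentials value.

            SessionErrors.add(req, "ldapAuthentication");

            return;
        }

        prefs.setValue(PropsUtil.LDAP_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(PropsUtil.LDAP_AUTH_REQUIRED, String.valueOf(required));
        prefs.setValue(PropsUtil.LDAP_BASE_PROVIDER_URL, baseProviderURL);
        prefs.setValue(PropsUtil.LDAP_BASE_DN, baseDN);
        prefs.setValue(PropsUtil.LDAP_SECURITY_PRINCIPAL, principal);

        // The bind password is written to the preferences exactly as
        // submitted. NOTE(review): confirm how preference values are
        // protected at rest and who can read them back.

        prefs.setValue(PropsUtil.LDAP_SECURITY_CREDENTIALS, credentials);
        prefs.setValue(PropsUtil.LDAP_AUTH_SEARCH_FILTER, searchFilter);
        prefs.setValue(
            PropsUtil.LDAP_USER_DEFAULT_OBJECT_CLASSES,
            userDefaultObjectClasses);
        prefs.setValue(PropsUtil.LDAP_USER_MAPPINGS, userMappings);
        prefs.setValue(PropsUtil.LDAP_GROUP_MAPPINGS, groupMappings);
        prefs.setValue(
            PropsUtil.LDAP_IMPORT_ENABLED, String.valueOf(importEnabled));
        prefs.setValue(
            PropsUtil.LDAP_IMPORT_ON_STARTUP, String.valueOf(importOnStartup));
        prefs.setValue(
            PropsUtil.LDAP_IMPORT_INTERVAL, String.valueOf(importInterval));
        prefs.setValue(
            PropsUtil.LDAP_IMPORT_USER_SEARCH_FILTER, importUserSearchFilter);
        prefs.setValue(
            PropsUtil.LDAP_IMPORT_GROUP_SEARCH_FILTER, importGroupSearchFilter);
        prefs.setValue(
            PropsUtil.LDAP_EXPORT_ENABLED, String.valueOf(exportEnabled));
        prefs.setValue(PropsUtil.LDAP_USERS_DN, usersDN);
        prefs.setValue(PropsUtil.LDAP_GROUPS_DN, groupsDN);
        prefs.setValue(
            PropsUtil.LDAP_PASSWORD_POLICY_ENABLED,
            String.valueOf(passwordPolicyEnabled));

        prefs.store();
    }

    /**
     * Copies the mail host names into the preferences. The caller is
     * responsible for storing them.
     *
     * @param  req the request carrying <code>mailHostNames</code>
     * @param  prefs the company preferences to update
     * @throws Exception if the preference cannot be set
     */
    protected void updateMailHostNames(
            ActionRequest req, PortletPreferences prefs)
        throws Exception {

        String mailHostNames = ParamUtil.getString(req, "mailHostNames");

        prefs.setValue(PropsUtil.ADMIN_MAIL_HOST_NAMES, mailHostNames);
    }

    /**
     * Saves and stores the NTLM settings.
     *
     * @param  req the request carrying the NTLM form fields
     * @param  companyId not used by this method
     * @param  prefs the company preferences to update and store
     * @throws Exception if a preference cannot be set or stored
     */
    protected void updateNtlm(
            ActionRequest req, long companyId, PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(req, "enabled");
        String domainController = ParamUtil.getString(req, "domainController");
        String domain = ParamUtil.getString(req, "domain");

        prefs.setValue(
            PropsUtil.NTLM_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(PropsUtil.NTLM_DOMAIN_CONTROLLER, domainController);
        prefs.setValue(PropsUtil.NTLM_DOMAIN, domain);

        prefs.store();
    }

    /**
     * Saves and stores the OpenID enabled flag.
     *
     * @param  req the request carrying <code>enabled</code>
     * @param  prefs the company preferences to update and store
     * @throws Exception if the preference cannot be set or stored
     */
    protected void updateOpenId(ActionRequest req, PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(req, "enabled");

        prefs.setValue(PropsUtil.OPEN_ID_AUTH_ENABLED, String.valueOf(enabled));

        prefs.store();
    }

    /**
     * Saves and stores the OpenSSO settings.
     *
     * @param  req the request carrying the OpenSSO form fields
     * @param  companyId not used by this method
     * @param  prefs the company preferences to update and store
     * @throws Exception if a preference cannot be set or stored
     */
    protected void updateOpenSSO(
            ActionRequest req, long companyId, PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(req, "enabled");
        String loginUrl = ParamUtil.getString(req, "loginUrl");
        String logoutUrl = ParamUtil.getString(req, "logoutUrl");
        String serviceUrl = ParamUtil.getString(req, "serviceUrl");
        String subjectCookieName = ParamUtil.getString(
            req, "subjectCookieName");

        // NOTE(review): as with CAS, the URLs and the cookie name are stored
        // exactly as submitted; confirm they are validated where they are
        // used.

        prefs.setValue(
            PropsUtil.OPEN_SSO_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(PropsUtil.OPEN_SSO_LOGIN_URL, loginUrl);
        prefs.setValue(PropsUtil.OPEN_SSO_LOGOUT_URL, logoutUrl);
        prefs.setValue(PropsUtil.OPEN_SSO_SERVICE_URL, serviceUrl);
        prefs.setValue(
            PropsUtil.OPEN_SSO_SUBJECT_COOKIE_NAME, subjectCookieName);

        prefs.store();
    }

    /**
     * Copies the reserved screen names and e-mail addresses into the
     * preferences. The caller is responsible for storing them.
     *
     * @param  req the request carrying the two reserved lists
     * @param  prefs the company preferences to update
     * @throws Exception if a preference cannot be set
     */
    protected void updateReservedUsers(
            ActionRequest req, PortletPreferences prefs)
        throws Exception {

        String reservedScreenNames = ParamUtil.getString(
            req, "reservedScreenNames");
        String reservedEmailAddresses = ParamUtil.getString(
            req, "reservedEmailAddresses");

        prefs.setValue(
            PropsUtil.ADMIN_RESERVED_SCREEN_NAMES, reservedScreenNames);
        prefs.setValue(
            PropsUtil.ADMIN_RESERVED_EMAIL_ADDRESSES, reservedEmailAddresses);
    }

    /**
     * Passes the company-wide sign-in policy to
     * <code>CompanyServiceUtil.updateSecurity</code>. The company's current
     * community-logo flag is passed through unchanged.
     *
     * @param  req the request carrying the security form fields
     * @throws Exception if the company lookup or the service call fails
     */
    protected void updateSecurity(ActionRequest req) throws Exception {
        Company company = PortalUtil.getCompany(req);

        // authType is forwarded as received. Any check against the supported
        // authentication types happens in the service, not here.

        String authType = ParamUtil.getString(req, "authType");
        boolean autoLogin = ParamUtil.getBoolean(req, "autoLogin");
        boolean sendPassword = ParamUtil.getBoolean(req, "sendPassword");
        boolean strangers = ParamUtil.getBoolean(req, "strangers");
        boolean strangersWithMx = ParamUtil.getBoolean(req, "strangersWithMx");
        boolean strangersVerify = ParamUtil.getBoolean(req, "strangersVerify");

        CompanyServiceUtil.updateSecurity(
            company.getCompanyId(), authType, autoLogin, sendPassword,
            strangers, strangersWithMx, strangersVerify,
            company.isCommunityLogo());
    }

    /**
     * Reads one LDAP attribute-mapping field and removes any carriage return
     * or line feed from it, so the value cannot span more than one line of
     * the serialized mapping.
     */
    private static String getMappingValue(ActionRequest req, String param) {
        String value = ParamUtil.getString(req, param);

        if (value == null) {
            return value;
        }

        return value.replaceAll("[\\r\\n]", "");
    }

}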