1   /**
2    * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.impl;
24  
25  import com.liferay.portal.DuplicatePasswordPolicyException;
26  import com.liferay.portal.NoSuchPasswordPolicyException;
27  import com.liferay.portal.NoSuchPasswordPolicyRelException;
28  import com.liferay.portal.PasswordPolicyNameException;
29  import com.liferay.portal.PortalException;
30  import com.liferay.portal.RequiredPasswordPolicyException;
31  import com.liferay.portal.SystemException;
32  import com.liferay.portal.kernel.util.OrderByComparator;
33  import com.liferay.portal.kernel.util.StringPool;
34  import com.liferay.portal.kernel.util.Validator;
35  import com.liferay.portal.model.Organization;
36  import com.liferay.portal.model.PasswordPolicy;
37  import com.liferay.portal.model.PasswordPolicyRel;
38  import com.liferay.portal.model.ResourceConstants;
39  import com.liferay.portal.model.User;
40  import com.liferay.portal.security.ldap.PortalLDAPUtil;
41  import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
42  import com.liferay.portal.util.PropsValues;
43  
44  import java.util.Date;
45  import java.util.List;
46  
47  /**
48   * <a href="PasswordPolicyLocalServiceImpl.java.html"><b><i>View Source</i></b>
49   * </a>
50   *
51   * @author Scott Lee
52   *
53   */
54  public class PasswordPolicyLocalServiceImpl
55      extends PasswordPolicyLocalServiceBaseImpl {
56  
57      public PasswordPolicy addPasswordPolicy(
58              long userId, boolean defaultPolicy, String name, String description,
59              boolean changeable, boolean changeRequired, long minAge,
60              boolean checkSyntax, boolean allowDictionaryWords, int minLength,
61              boolean history, int historyCount, boolean expireable, long maxAge,
62              long warningTime, int graceLimit, boolean lockout, int maxFailure,
63              long lockoutDuration, long resetFailureCount)
64          throws PortalException, SystemException {
65  
66          // Password policy
67  
68          User user = userPersistence.findByPrimaryKey(userId);
69          Date now = new Date();
70  
71          validate(0, user.getCompanyId(), name);
72  
73          long passwordPolicyId = counterLocalService.increment();
74  
75          PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
76              passwordPolicyId);
77  
78          passwordPolicy.setUserId(userId);
79          passwordPolicy.setCompanyId(user.getCompanyId());
80          passwordPolicy.setUserName(user.getFullName());
81          passwordPolicy.setCreateDate(now);
82          passwordPolicy.setModifiedDate(now);
83          passwordPolicy.setDefaultPolicy(defaultPolicy);
84          passwordPolicy.setName(name);
85          passwordPolicy.setDescription(description);
86          passwordPolicy.setChangeable(changeable);
87          passwordPolicy.setChangeRequired(changeRequired);
88          passwordPolicy.setMinAge(minAge);
89          passwordPolicy.setCheckSyntax(checkSyntax);
90          passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
91          passwordPolicy.setMinLength(minLength);
92          passwordPolicy.setHistory(history);
93          passwordPolicy.setHistoryCount(historyCount);
94          passwordPolicy.setExpireable(expireable);
95          passwordPolicy.setMaxAge(maxAge);
96          passwordPolicy.setWarningTime(warningTime);
97          passwordPolicy.setGraceLimit(graceLimit);
98          passwordPolicy.setLockout(lockout);
99          passwordPolicy.setMaxFailure(maxFailure);
100         passwordPolicy.setLockoutDuration(lockoutDuration);
101         passwordPolicy.setRequireUnlock(lockoutDuration == 0);
102         passwordPolicy.setResetFailureCount(resetFailureCount);
103 
104         passwordPolicyPersistence.update(passwordPolicy, false);
105 
106         // Resources
107 
108         if (!user.isDefaultUser()) {
109             resourceLocalService.addResources(
110                 user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
111                 passwordPolicy.getPasswordPolicyId(), false, false, false);
112         }
113 
114         return passwordPolicy;
115     }
116 
117     public void checkDefaultPasswordPolicy(long companyId)
118         throws PortalException, SystemException {
119 
120         String defaultPasswordPolicyName =
121             PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
122 
123         try {
124             passwordPolicyPersistence.findByC_N(
125                 companyId, defaultPasswordPolicyName);
126         }
127         catch (NoSuchPasswordPolicyException nsppe) {
128             long defaultUserId = userLocalService.getDefaultUserId(companyId);
129 
130             addPasswordPolicy(
131                 defaultUserId, true, defaultPasswordPolicyName,
132                 defaultPasswordPolicyName, true, false, 0, false, true, 6,
133                 false, 6, false, 8640000, 86400, 0, false, 3, 0, 600);
134         }
135     }
136 
137     public void deletePasswordPolicy(long passwordPolicyId)
138         throws PortalException, SystemException {
139 
140         PasswordPolicy passwordPolicy =
141             passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
142 
143         if (passwordPolicy.isDefaultPolicy()) {
144             throw new RequiredPasswordPolicyException();
145         }
146 
147         // Resources
148 
149         resourceLocalService.deleteResource(
150             passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
151             ResourceConstants.SCOPE_INDIVIDUAL,
152             passwordPolicy.getPasswordPolicyId());
153 
154         // Password policy
155 
156         passwordPolicyPersistence.remove(passwordPolicyId);
157     }
158 
159     public PasswordPolicy getDefaultPasswordPolicy(long companyId)
160         throws PortalException, SystemException {
161 
162         if (PortalLDAPUtil.isPasswordPolicyEnabled(companyId)) {
163             return null;
164         }
165 
166         return passwordPolicyPersistence.findByC_DP(companyId, true);
167     }
168 
169     public PasswordPolicy getPasswordPolicy(long passwordPolicyId)
170         throws PortalException, SystemException {
171 
172         return passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
173     }
174 
175     /**
176      * @deprecated
177      */
178     public PasswordPolicy getPasswordPolicy(
179             long companyId, long organizationId, long locationId)
180         throws PortalException, SystemException {
181 
182         return getPasswordPolicy(
183             companyId, new long[] {organizationId, locationId});
184     }
185 
186     public PasswordPolicy getPasswordPolicy(
187             long companyId, long[] organizationIds)
188         throws PortalException, SystemException {
189 
190         if (PortalLDAPUtil.isPasswordPolicyEnabled(companyId)) {
191             return null;
192         }
193 
194         PasswordPolicyRel passwordPolicyRel = null;
195 
196         // Check for password policy specifically assigned to any of the
197         // organizations
198 
199         for (int i = 0; i < organizationIds.length; i++) {
200             long organizationId = organizationIds[i];
201 
202             try {
203                 passwordPolicyRel =
204                     passwordPolicyRelLocalService.getPasswordPolicyRel(
205                         Organization.class.getName(), organizationId);
206 
207                 return getPasswordPolicy(
208                     passwordPolicyRel.getPasswordPolicyId());
209             }
210             catch (NoSuchPasswordPolicyRelException nsppre) {
211             }
212         }
213 
214         // Get default password policy
215 
216         return getDefaultPasswordPolicy(companyId);
217     }
218 
219     public PasswordPolicy getPasswordPolicyByUserId(long userId)
220         throws PortalException, SystemException {
221 
222         User user = userPersistence.findByPrimaryKey(userId);
223 
224         if (PortalLDAPUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
225             return null;
226         }
227 
228         PasswordPolicyRel passwordPolicyRel = null;
229 
230         // Check for password policy specifically assigned to this user
231 
232         try {
233             passwordPolicyRel =
234                 passwordPolicyRelLocalService.getPasswordPolicyRel(
235                     User.class.getName(), userId);
236 
237             return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
238         }
239         catch (NoSuchPasswordPolicyRelException nsppre) {
240         }
241 
242         long[] organizationIds = user.getOrganizationIds();
243 
244         return getPasswordPolicy(user.getCompanyId(), organizationIds);
245     }
246 
247     public List<PasswordPolicy> search(
248             long companyId, String name, int start, int end,
249             OrderByComparator obc)
250         throws SystemException {
251 
252         return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
253     }
254 
255     public int searchCount(long companyId, String name)
256         throws SystemException {
257 
258         return passwordPolicyFinder.countByC_N(companyId, name);
259     }
260 
261     public PasswordPolicy updatePasswordPolicy(
262             long passwordPolicyId, String name, String description,
263             boolean changeable, boolean changeRequired, long minAge,
264             boolean checkSyntax, boolean allowDictionaryWords, int minLength,
265             boolean history, int historyCount, boolean expireable, long maxAge,
266             long warningTime, int graceLimit, boolean lockout, int maxFailure,
267             long lockoutDuration, long resetFailureCount)
268         throws PortalException, SystemException {
269 
270         Date now = new Date();
271 
272         PasswordPolicy passwordPolicy =
273             passwordPolicyPersistence.findByPrimaryKey(
274                 passwordPolicyId);
275 
276         if (!passwordPolicy.getDefaultPolicy()) {
277             validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
278 
279             passwordPolicy.setName(name);
280         }
281 
282         passwordPolicy.setModifiedDate(now);
283         passwordPolicy.setDescription(description);
284         passwordPolicy.setChangeable(changeable);
285         passwordPolicy.setChangeRequired(changeRequired);
286         passwordPolicy.setMinAge(minAge);
287         passwordPolicy.setCheckSyntax(checkSyntax);
288         passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
289         passwordPolicy.setMinLength(minLength);
290         passwordPolicy.setHistory(history);
291         passwordPolicy.setHistoryCount(historyCount);
292         passwordPolicy.setExpireable(expireable);
293         passwordPolicy.setMaxAge(maxAge);
294         passwordPolicy.setWarningTime(warningTime);
295         passwordPolicy.setGraceLimit(graceLimit);
296         passwordPolicy.setLockout(lockout);
297         passwordPolicy.setMaxFailure(maxFailure);
298         passwordPolicy.setLockoutDuration(lockoutDuration);
299         passwordPolicy.setRequireUnlock(lockoutDuration == 0);
300         passwordPolicy.setResetFailureCount(resetFailureCount);
301 
302         passwordPolicyPersistence.update(passwordPolicy, false);
303 
304         return passwordPolicy;
305     }
306 
307     protected void validate(long passwordPolicyId, long companyId, String name)
308         throws PortalException, SystemException {
309 
310         if ((Validator.isNull(name)) || (Validator.isNumber(name)) ||
311             (name.indexOf(StringPool.COMMA) != -1) ||
312             (name.indexOf(StringPool.STAR) != -1)) {
313 
314             throw new PasswordPolicyNameException();
315         }
316 
317         try {
318             PasswordPolicy passwordPolicy = passwordPolicyPersistence.findByC_N(
319                 companyId, name);
320 
321             if ((passwordPolicyId <= 0) ||
322                 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
323 
324                 throw new DuplicatePasswordPolicyException();
325             }
326         }
327         catch (NoSuchPasswordPolicyException nsge) {
328         }
329     }
330 
331 }