1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portal.service.impl;
16  
17  import com.liferay.portal.DuplicatePasswordPolicyException;
18  import com.liferay.portal.NoSuchPasswordPolicyRelException;
19  import com.liferay.portal.PasswordPolicyNameException;
20  import com.liferay.portal.RequiredPasswordPolicyException;
21  import com.liferay.portal.kernel.exception.PortalException;
22  import com.liferay.portal.kernel.exception.SystemException;
23  import com.liferay.portal.kernel.util.OrderByComparator;
24  import com.liferay.portal.kernel.util.StringPool;
25  import com.liferay.portal.kernel.util.Validator;
26  import com.liferay.portal.model.Organization;
27  import com.liferay.portal.model.PasswordPolicy;
28  import com.liferay.portal.model.PasswordPolicyRel;
29  import com.liferay.portal.model.ResourceConstants;
30  import com.liferay.portal.model.User;
31  import com.liferay.portal.security.ldap.LDAPSettingsUtil;
32  import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
33  import com.liferay.portal.util.PropsValues;
34  
35  import java.util.Date;
36  import java.util.List;
37  
38  /**
39   * <a href="PasswordPolicyLocalServiceImpl.java.html"><b><i>View Source</i></b>
40   * </a>
41   *
42   * @author Scott Lee
43   */
44  public class PasswordPolicyLocalServiceImpl
45      extends PasswordPolicyLocalServiceBaseImpl {
46  
47      public PasswordPolicy addPasswordPolicy(
48              long userId, boolean defaultPolicy, String name, String description,
49              boolean changeable, boolean changeRequired, long minAge,
50              boolean checkSyntax, boolean allowDictionaryWords, int minLength,
51              boolean history, int historyCount, boolean expireable, long maxAge,
52              long warningTime, int graceLimit, boolean lockout, int maxFailure,
53              long lockoutDuration, long resetFailureCount)
54          throws PortalException, SystemException {
55  
56          // Password policy
57  
58          User user = userPersistence.findByPrimaryKey(userId);
59          Date now = new Date();
60  
61          validate(0, user.getCompanyId(), name);
62  
63          long passwordPolicyId = counterLocalService.increment();
64  
65          PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
66              passwordPolicyId);
67  
68          passwordPolicy.setUserId(userId);
69          passwordPolicy.setCompanyId(user.getCompanyId());
70          passwordPolicy.setUserName(user.getFullName());
71          passwordPolicy.setCreateDate(now);
72          passwordPolicy.setModifiedDate(now);
73          passwordPolicy.setDefaultPolicy(defaultPolicy);
74          passwordPolicy.setName(name);
75          passwordPolicy.setDescription(description);
76          passwordPolicy.setChangeable(changeable);
77          passwordPolicy.setChangeRequired(changeRequired);
78          passwordPolicy.setMinAge(minAge);
79          passwordPolicy.setCheckSyntax(checkSyntax);
80          passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
81          passwordPolicy.setMinLength(minLength);
82          passwordPolicy.setHistory(history);
83          passwordPolicy.setHistoryCount(historyCount);
84          passwordPolicy.setExpireable(expireable);
85          passwordPolicy.setMaxAge(maxAge);
86          passwordPolicy.setWarningTime(warningTime);
87          passwordPolicy.setGraceLimit(graceLimit);
88          passwordPolicy.setLockout(lockout);
89          passwordPolicy.setMaxFailure(maxFailure);
90          passwordPolicy.setLockoutDuration(lockoutDuration);
91          passwordPolicy.setRequireUnlock(lockoutDuration == 0);
92          passwordPolicy.setResetFailureCount(resetFailureCount);
93  
94          passwordPolicyPersistence.update(passwordPolicy, false);
95  
96          // Resources
97  
98          if (!user.isDefaultUser()) {
99              resourceLocalService.addResources(
100                 user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
101                 passwordPolicy.getPasswordPolicyId(), false, false, false);
102         }
103 
104         return passwordPolicy;
105     }
106 
107     public void checkDefaultPasswordPolicy(long companyId)
108         throws PortalException, SystemException {
109 
110         String defaultPasswordPolicyName =
111             PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
112 
113         PasswordPolicy defaultPasswordPolicy =
114             passwordPolicyPersistence.fetchByC_N(
115                 companyId, defaultPasswordPolicyName);
116 
117         if (defaultPasswordPolicy == null) {
118             long defaultUserId = userLocalService.getDefaultUserId(companyId);
119 
120             addPasswordPolicy(
121                 defaultUserId, true, defaultPasswordPolicyName,
122                 defaultPasswordPolicyName, true, false, 0, false, true, 6,
123                 false, 6, false, 8640000, 86400, 0, false, 3, 0, 600);
124         }
125     }
126 
127     public void deletePasswordPolicy(long passwordPolicyId)
128         throws PortalException, SystemException {
129 
130         PasswordPolicy passwordPolicy =
131             passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
132 
133         if (passwordPolicy.isDefaultPolicy()) {
134             throw new RequiredPasswordPolicyException();
135         }
136 
137         // Password policy relations
138 
139         passwordPolicyRelLocalService.deletePasswordPolicyRels(
140             passwordPolicyId);
141 
142         // Resources
143 
144         resourceLocalService.deleteResource(
145             passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
146             ResourceConstants.SCOPE_INDIVIDUAL,
147             passwordPolicy.getPasswordPolicyId());
148 
149         // Password policy
150 
151         passwordPolicyPersistence.remove(passwordPolicy);
152     }
153 
154     public PasswordPolicy getDefaultPasswordPolicy(long companyId)
155         throws PortalException, SystemException {
156 
157         if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
158             return null;
159         }
160 
161         return passwordPolicyPersistence.findByC_DP(companyId, true);
162     }
163 
164     public PasswordPolicy getPasswordPolicy(long passwordPolicyId)
165         throws PortalException, SystemException {
166 
167         return passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
168     }
169 
170     /**
171      * @deprecated
172      */
173     public PasswordPolicy getPasswordPolicy(
174             long companyId, long organizationId, long locationId)
175         throws PortalException, SystemException {
176 
177         return getPasswordPolicy(
178             companyId, new long[] {organizationId, locationId});
179     }
180 
181     public PasswordPolicy getPasswordPolicy(
182             long companyId, long[] organizationIds)
183         throws PortalException, SystemException {
184 
185         if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
186             return null;
187         }
188 
189         PasswordPolicyRel passwordPolicyRel = null;
190 
191         // Check for password policy specifically assigned to any of the
192         // organizations
193 
194         for (int i = 0; i < organizationIds.length; i++) {
195             long organizationId = organizationIds[i];
196 
197             try {
198                 passwordPolicyRel =
199                     passwordPolicyRelLocalService.getPasswordPolicyRel(
200                         Organization.class.getName(), organizationId);
201 
202                 return getPasswordPolicy(
203                     passwordPolicyRel.getPasswordPolicyId());
204             }
205             catch (NoSuchPasswordPolicyRelException nsppre) {
206             }
207         }
208 
209         // Get default password policy
210 
211         return getDefaultPasswordPolicy(companyId);
212     }
213 
214     public PasswordPolicy getPasswordPolicyByUserId(long userId)
215         throws PortalException, SystemException {
216 
217         User user = userPersistence.findByPrimaryKey(userId);
218 
219         if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
220             return null;
221         }
222 
223         PasswordPolicyRel passwordPolicyRel = null;
224 
225         // Check for password policy specifically assigned to this user
226 
227         try {
228             passwordPolicyRel =
229                 passwordPolicyRelLocalService.getPasswordPolicyRel(
230                     User.class.getName(), userId);
231 
232             return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
233         }
234         catch (NoSuchPasswordPolicyRelException nsppre) {
235         }
236 
237         long[] organizationIds = user.getOrganizationIds();
238 
239         return getPasswordPolicy(user.getCompanyId(), organizationIds);
240     }
241 
242     public List<PasswordPolicy> search(
243             long companyId, String name, int start, int end,
244             OrderByComparator obc)
245         throws SystemException {
246 
247         return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
248     }
249 
250     public int searchCount(long companyId, String name)
251         throws SystemException {
252 
253         return passwordPolicyFinder.countByC_N(companyId, name);
254     }
255 
256     public PasswordPolicy updatePasswordPolicy(
257             long passwordPolicyId, String name, String description,
258             boolean changeable, boolean changeRequired, long minAge,
259             boolean checkSyntax, boolean allowDictionaryWords, int minLength,
260             boolean history, int historyCount, boolean expireable, long maxAge,
261             long warningTime, int graceLimit, boolean lockout, int maxFailure,
262             long lockoutDuration, long resetFailureCount)
263         throws PortalException, SystemException {
264 
265         Date now = new Date();
266 
267         PasswordPolicy passwordPolicy =
268             passwordPolicyPersistence.findByPrimaryKey(
269                 passwordPolicyId);
270 
271         if (!passwordPolicy.getDefaultPolicy()) {
272             validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
273 
274             passwordPolicy.setName(name);
275         }
276 
277         passwordPolicy.setModifiedDate(now);
278         passwordPolicy.setDescription(description);
279         passwordPolicy.setChangeable(changeable);
280         passwordPolicy.setChangeRequired(changeRequired);
281         passwordPolicy.setMinAge(minAge);
282         passwordPolicy.setCheckSyntax(checkSyntax);
283         passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
284         passwordPolicy.setMinLength(minLength);
285         passwordPolicy.setHistory(history);
286         passwordPolicy.setHistoryCount(historyCount);
287         passwordPolicy.setExpireable(expireable);
288         passwordPolicy.setMaxAge(maxAge);
289         passwordPolicy.setWarningTime(warningTime);
290         passwordPolicy.setGraceLimit(graceLimit);
291         passwordPolicy.setLockout(lockout);
292         passwordPolicy.setMaxFailure(maxFailure);
293         passwordPolicy.setLockoutDuration(lockoutDuration);
294         passwordPolicy.setRequireUnlock(lockoutDuration == 0);
295         passwordPolicy.setResetFailureCount(resetFailureCount);
296 
297         passwordPolicyPersistence.update(passwordPolicy, false);
298 
299         return passwordPolicy;
300     }
301 
302     protected void validate(long passwordPolicyId, long companyId, String name)
303         throws PortalException, SystemException {
304 
305         if ((Validator.isNull(name)) || (Validator.isNumber(name)) ||
306             (name.indexOf(StringPool.COMMA) != -1) ||
307             (name.indexOf(StringPool.STAR) != -1)) {
308 
309             throw new PasswordPolicyNameException();
310         }
311 
312         PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
313             companyId, name);
314 
315         if (passwordPolicy != null) {
316             if ((passwordPolicyId <= 0) ||
317                 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
318 
319                 throw new DuplicatePasswordPolicyException();
320             }
321         }
322     }
323 
324 }