Search in sources :

Example 1 with UserEmailAddressException

use of com.liferay.portal.UserEmailAddressException in project liferay-ide by liferay.

the class UserLocalServiceImpl method validateEmailAddress.

protected void validateEmailAddress(long companyId, String emailAddress) throws PortalException, SystemException {
    if (Validator.isNull(emailAddress) && !PropsValues.USERS_EMAIL_ADDRESS_REQUIRED) {
        return;
    }
    EmailAddressValidator emailAddressValidator = EmailAddressValidatorFactory.getInstance();
    if (!emailAddressValidator.validate(companyId, emailAddress)) {
        throw new UserEmailAddressException();
    }
    String pop3User = PrefsPropsUtil.getString(PropsKeys.MAIL_SESSION_MAIL_POP3_USER, PropsValues.MAIL_SESSION_MAIL_POP3_USER);
    if (StringUtil.equalsIgnoreCase(emailAddress, pop3User)) {
        throw new ReservedUserEmailAddressException();
    }
    String[] reservedEmailAddresses = PrefsPropsUtil.getStringArray(companyId, PropsKeys.ADMIN_RESERVED_EMAIL_ADDRESSES, StringPool.NEW_LINE, PropsValues.ADMIN_RESERVED_EMAIL_ADDRESSES);
    for (String reservedEmailAddress : reservedEmailAddresses) {
        if (StringUtil.equalsIgnoreCase(emailAddress, reservedEmailAddress)) {
            throw new ReservedUserEmailAddressException();
        }
    }
}
Also used : UserEmailAddressException(com.liferay.portal.UserEmailAddressException) ReservedUserEmailAddressException(com.liferay.portal.ReservedUserEmailAddressException) DuplicateUserEmailAddressException(com.liferay.portal.DuplicateUserEmailAddressException) EmailAddressValidator(com.liferay.portal.security.auth.EmailAddressValidator) ReservedUserEmailAddressException(com.liferay.portal.ReservedUserEmailAddressException)

Example 2 with UserEmailAddressException

use of com.liferay.portal.UserEmailAddressException in project liferay-ide by liferay.

the class UserLocalServiceImpl method authenticate.

/**
 * Attempts to authenticate the user by their login and password, while
 * using the AuthPipeline.
 *
 * <p>
 * Authentication type specifies what <code>login</code> contains.The valid
 * values are:
 * </p>
 *
 * <ul>
 * <li>
 * <code>CompanyConstants.AUTH_TYPE_EA</code> - <code>login</code> is the
 * user's email address
 * </li>
 * <li>
 * <code>CompanyConstants.AUTH_TYPE_SN</code> - <code>login</code> is the
 * user's screen name
 * </li>
 * <li>
 * <code>CompanyConstants.AUTH_TYPE_ID</code> - <code>login</code> is the
 * user's primary key
 * </li>
 * </ul>
 *
 * @param  companyId the primary key of the user's company
 * @param  login either the user's email address, screen name, or primary
 *         key depending on the value of <code>authType</code>
 * @param  password the user's password
 * @param  authType the type of authentication to perform
 * @param  headerMap the header map from the authentication request
 * @param  parameterMap the parameter map from the authentication request
 * @param  resultsMap the map of authentication results (may be nil). After
 *         a succesful authentication the user's primary key will be placed
 *         under the key <code>userId</code>.
 * @return the authentication status. This can be {@link
 *         com.liferay.portal.security.auth.Authenticator#FAILURE}
 *         indicating that the user's credentials are invalid, {@link
 *         com.liferay.portal.security.auth.Authenticator#SUCCESS}
 *         indicating a successful login, or {@link
 *         com.liferay.portal.security.auth.Authenticator#DNE} indicating
 *         that a user with that login does not exist.
 * @throws PortalException if <code>login</code> or <code>password</code>
 *         was <code>null</code>
 * @throws SystemException if a system exception occurred
 * @see    com.liferay.portal.security.auth.AuthPipeline
 */
protected int authenticate(long companyId, String login, String password, String authType, Map<String, String[]> headerMap, Map<String, String[]> parameterMap, Map<String, Object> resultsMap) throws PortalException, SystemException {
    if (PropsValues.AUTH_LOGIN_DISABLED) {
        return Authenticator.FAILURE;
    }
    login = StringUtil.toLowerCase(login.trim());
    long userId = GetterUtil.getLong(login);
    if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
        if (Validator.isNull(login)) {
            throw new UserEmailAddressException();
        }
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
        if (Validator.isNull(login)) {
            throw new UserScreenNameException();
        }
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
        if (Validator.isNull(login)) {
            throw new UserIdException();
        }
    }
    if (Validator.isNull(password)) {
        throw new UserPasswordException(UserPasswordException.PASSWORD_INVALID);
    }
    int authResult = Authenticator.FAILURE;
    if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
        authResult = AuthPipeline.authenticateByEmailAddress(PropsKeys.AUTH_PIPELINE_PRE, companyId, login, password, headerMap, parameterMap);
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
        authResult = AuthPipeline.authenticateByScreenName(PropsKeys.AUTH_PIPELINE_PRE, companyId, login, password, headerMap, parameterMap);
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
        authResult = AuthPipeline.authenticateByUserId(PropsKeys.AUTH_PIPELINE_PRE, companyId, userId, password, headerMap, parameterMap);
    }
    // Get user
    User user = null;
    if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
        user = fetchUserByEmailAddress(companyId, login);
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
        user = fetchUserByScreenName(companyId, login);
    } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
        user = userPersistence.fetchByPrimaryKey(GetterUtil.getLong(login));
    }
    if (user == null) {
        return Authenticator.DNE;
    }
    if (user.isDefaultUser()) {
        if (_log.isInfoEnabled()) {
            _log.info("Authentication is disabled for the default user");
        }
        return Authenticator.DNE;
    } else if (!user.isActive()) {
        if (_log.isInfoEnabled()) {
            _log.info("Authentication is disabled for inactive user " + user.getUserId());
        }
        return Authenticator.FAILURE;
    }
    if (!user.isPasswordEncrypted()) {
        user.setPassword(PasswordEncryptorUtil.encrypt(user.getPassword()));
        user.setPasswordEncrypted(true);
        userPersistence.update(user);
    }
    // Check password policy to see if the is account locked out or if the
    // password is expired
    checkLockout(user);
    checkPasswordExpired(user);
    // Authenticate against the User_ table
    boolean skipLiferayCheck = false;
    if (authResult == Authenticator.SKIP_LIFERAY_CHECK) {
        authResult = Authenticator.SUCCESS;
        skipLiferayCheck = true;
    } else if ((authResult == Authenticator.SUCCESS) && PropsValues.AUTH_PIPELINE_ENABLE_LIFERAY_CHECK) {
        boolean authenticated = PwdAuthenticator.authenticate(login, password, user.getPassword());
        if (authenticated) {
            authResult = Authenticator.SUCCESS;
        } else {
            authResult = Authenticator.FAILURE;
        }
    }
    if (authResult == Authenticator.SUCCESS) {
        if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
            authResult = AuthPipeline.authenticateByEmailAddress(PropsKeys.AUTH_PIPELINE_POST, companyId, login, password, headerMap, parameterMap);
        } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
            authResult = AuthPipeline.authenticateByScreenName(PropsKeys.AUTH_PIPELINE_POST, companyId, login, password, headerMap, parameterMap);
        } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
            authResult = AuthPipeline.authenticateByUserId(PropsKeys.AUTH_PIPELINE_POST, companyId, userId, password, headerMap, parameterMap);
        }
    }
    if (authResult == Authenticator.SUCCESS) {
        if (resultsMap != null) {
            resultsMap.put("userId", user.getUserId());
        }
        if (skipLiferayCheck || !PropsValues.AUTH_PIPELINE_ENABLE_LIFERAY_CHECK || Validator.isNull(user.getDigest())) {
            String digest = user.getDigest(password);
            user.setDigest(digest);
            userPersistence.update(user);
        }
    }
    if (authResult == Authenticator.FAILURE) {
        try {
            if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
                AuthPipeline.onFailureByEmailAddress(PropsKeys.AUTH_FAILURE, companyId, login, headerMap, parameterMap);
            } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
                AuthPipeline.onFailureByScreenName(PropsKeys.AUTH_FAILURE, companyId, login, headerMap, parameterMap);
            } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
                AuthPipeline.onFailureByUserId(PropsKeys.AUTH_FAILURE, companyId, userId, headerMap, parameterMap);
            }
            user = userPersistence.fetchByPrimaryKey(user.getUserId());
            if (user == null) {
                return Authenticator.DNE;
            }
            if (!LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
                PasswordPolicy passwordPolicy = user.getPasswordPolicy();
                user = userPersistence.fetchByPrimaryKey(user.getUserId());
                int failedLoginAttempts = user.getFailedLoginAttempts();
                int maxFailures = passwordPolicy.getMaxFailure();
                if ((failedLoginAttempts >= maxFailures) && (maxFailures != 0)) {
                    if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
                        AuthPipeline.onMaxFailuresByEmailAddress(PropsKeys.AUTH_MAX_FAILURES, companyId, login, headerMap, parameterMap);
                    } else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
                        AuthPipeline.onMaxFailuresByScreenName(PropsKeys.AUTH_MAX_FAILURES, companyId, login, headerMap, parameterMap);
                    } else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
                        AuthPipeline.onMaxFailuresByUserId(PropsKeys.AUTH_MAX_FAILURES, companyId, userId, headerMap, parameterMap);
                    }
                }
            }
        } catch (Exception e) {
            _log.error(e, e);
        }
    }
    return authResult;
}
Also used : User(com.liferay.portal.model.User) UserEmailAddressException(com.liferay.portal.UserEmailAddressException) ReservedUserEmailAddressException(com.liferay.portal.ReservedUserEmailAddressException) DuplicateUserEmailAddressException(com.liferay.portal.DuplicateUserEmailAddressException) UserPasswordException(com.liferay.portal.UserPasswordException) PasswordPolicy(com.liferay.portal.model.PasswordPolicy) UserIdException(com.liferay.portal.UserIdException) ReservedUserScreenNameException(com.liferay.portal.ReservedUserScreenNameException) DuplicateUserScreenNameException(com.liferay.portal.DuplicateUserScreenNameException) UserScreenNameException(com.liferay.portal.UserScreenNameException) ContactFirstNameException(com.liferay.portal.ContactFirstNameException) ModelListenerException(com.liferay.portal.ModelListenerException) NoSuchImageException(com.liferay.portal.NoSuchImageException) GroupFriendlyURLException(com.liferay.portal.GroupFriendlyURLException) DuplicateOpenIdException(com.liferay.portal.DuplicateOpenIdException) ImageSizeException(com.liferay.portlet.documentlibrary.ImageSizeException) PasswordExpiredException(com.liferay.portal.PasswordExpiredException) UserPasswordException(com.liferay.portal.UserPasswordException) NoSuchUserException(com.liferay.portal.NoSuchUserException) UserSmsException(com.liferay.portal.UserSmsException) NoSuchRoleException(com.liferay.portal.NoSuchRoleException) PortalException(com.liferay.portal.kernel.exception.PortalException) UserIdException(com.liferay.portal.UserIdException) UserPortraitTypeException(com.liferay.portal.UserPortraitTypeException) RequiredUserException(com.liferay.portal.RequiredUserException) ReservedUserScreenNameException(com.liferay.portal.ReservedUserScreenNameException) IOException(java.io.IOException) ContactBirthdayException(com.liferay.portal.ContactBirthdayException) UserReminderQueryException(com.liferay.portal.UserReminderQueryException) DuplicateUserScreenNameException(com.liferay.portal.DuplicateUserScreenNameException) UserEmailAddressException(com.liferay.portal.UserEmailAddressException) ContactFullNameException(com.liferay.portal.ContactFullNameException) EncryptorException(com.liferay.util.EncryptorException) CompanyMaxUsersException(com.liferay.portal.CompanyMaxUsersException) NoSuchTicketException(com.liferay.portal.NoSuchTicketException) UserScreenNameException(com.liferay.portal.UserScreenNameException) ContactLastNameException(com.liferay.portal.ContactLastNameException) ReservedUserEmailAddressException(com.liferay.portal.ReservedUserEmailAddressException) DuplicateUserEmailAddressException(com.liferay.portal.DuplicateUserEmailAddressException) NoSuchUserGroupException(com.liferay.portal.NoSuchUserGroupException) PrincipalException(com.liferay.portal.security.auth.PrincipalException) SystemException(com.liferay.portal.kernel.exception.SystemException) NoSuchOrganizationException(com.liferay.portal.NoSuchOrganizationException) UserLockoutException(com.liferay.portal.UserLockoutException) UserPortraitSizeException(com.liferay.portal.UserPortraitSizeException)

Example 3 with UserEmailAddressException

use of com.liferay.portal.UserEmailAddressException in project liferay-ide by liferay.

the class UserLocalServiceImpl method sendPassword.

/**
 * Sends the password email to the user with the email address. The content
 * of this email can be specified in <code>portal.properties</code> with the
 * <code>admin.email.password</code> keys.
 *
 * @param  companyId the primary key of the user's company
 * @param  emailAddress the user's email address
 * @param  fromName the name of the individual that the email should be from
 * @param  fromAddress the address of the individual that the email should
 *         be from
 * @param  subject the email subject. If <code>null</code>, the subject
 *         specified in <code>portal.properties</code> will be used.
 * @param  body the email body. If <code>null</code>, the body specified in
 *         <code>portal.properties</code> will be used.
 * @param  serviceContext the service context to be applied
 * @throws PortalException if a user with the email address could not be
 *         found
 * @throws SystemException if a system exception occurred
 */
@Override
public void sendPassword(long companyId, String emailAddress, String fromName, String fromAddress, String subject, String body, ServiceContext serviceContext) throws PortalException, SystemException {
    Company company = companyPersistence.findByPrimaryKey(companyId);
    if (!company.isSendPassword() && !company.isSendPasswordResetLink()) {
        return;
    }
    emailAddress = StringUtil.toLowerCase(emailAddress.trim());
    if (Validator.isNull(emailAddress)) {
        throw new UserEmailAddressException();
    }
    User user = userPersistence.findByC_EA(companyId, emailAddress);
    PasswordPolicy passwordPolicy = user.getPasswordPolicy();
    String newPassword = StringPool.BLANK;
    String passwordResetURL = StringPool.BLANK;
    if (company.isSendPasswordResetLink()) {
        Date expirationDate = null;
        if ((passwordPolicy != null) && (passwordPolicy.getResetTicketMaxAge() > 0)) {
            expirationDate = new Date(System.currentTimeMillis() + (passwordPolicy.getResetTicketMaxAge() * 1000));
        }
        Ticket ticket = ticketLocalService.addTicket(companyId, User.class.getName(), user.getUserId(), TicketConstants.TYPE_PASSWORD, null, expirationDate, serviceContext);
        passwordResetURL = serviceContext.getPortalURL() + serviceContext.getPathMain() + "/portal/update_password?p_l_id=" + serviceContext.getPlid() + "&ticketKey=" + ticket.getKey();
    } else {
        if (!PasswordEncryptorUtil.PASSWORDS_ENCRYPTION_ALGORITHM.equals(PasswordEncryptorUtil.TYPE_NONE)) {
            if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
                if (_log.isWarnEnabled()) {
                    StringBundler sb = new StringBundler(5);
                    sb.append("When LDAP password policy is enabled, ");
                    sb.append("it is possible that portal generated ");
                    sb.append("passwords will not match the LDAP policy.");
                    sb.append("Using RegExpToolkit to generate new ");
                    sb.append("password.");
                    _log.warn(sb.toString());
                }
                RegExpToolkit regExpToolkit = new RegExpToolkit();
                newPassword = regExpToolkit.generate(null);
            } else {
                newPassword = PwdToolkitUtil.generate(passwordPolicy);
            }
            boolean passwordReset = false;
            if (passwordPolicy.getChangeable() && passwordPolicy.getChangeRequired()) {
                passwordReset = true;
            }
            user.setPassword(PasswordEncryptorUtil.encrypt(newPassword));
            user.setPasswordUnencrypted(newPassword);
            user.setPasswordEncrypted(true);
            user.setPasswordReset(passwordReset);
            user.setPasswordModified(true);
            user.setPasswordModifiedDate(new Date());
            userPersistence.update(user);
            user.setPasswordModified(false);
        } else {
            newPassword = user.getPassword();
        }
    }
    if (Validator.isNull(fromName)) {
        fromName = PrefsPropsUtil.getString(companyId, PropsKeys.ADMIN_EMAIL_FROM_NAME);
    }
    if (Validator.isNull(fromAddress)) {
        fromAddress = PrefsPropsUtil.getString(companyId, PropsKeys.ADMIN_EMAIL_FROM_ADDRESS);
    }
    String toName = user.getFullName();
    String toAddress = user.getEmailAddress();
    if (Validator.isNull(subject)) {
        if (company.isSendPasswordResetLink()) {
            subject = PrefsPropsUtil.getContent(companyId, PropsKeys.ADMIN_EMAIL_PASSWORD_RESET_SUBJECT);
        } else {
            subject = PrefsPropsUtil.getContent(companyId, PropsKeys.ADMIN_EMAIL_PASSWORD_SENT_SUBJECT);
        }
    }
    if (Validator.isNull(body)) {
        if (company.isSendPasswordResetLink()) {
            body = PrefsPropsUtil.getContent(companyId, PropsKeys.ADMIN_EMAIL_PASSWORD_RESET_BODY);
        } else {
            body = PrefsPropsUtil.getContent(companyId, PropsKeys.ADMIN_EMAIL_PASSWORD_SENT_BODY);
        }
    }
    SubscriptionSender subscriptionSender = new SubscriptionSender();
    subscriptionSender.setBody(body);
    subscriptionSender.setCompanyId(companyId);
    subscriptionSender.setContextAttributes("[$PASSWORD_RESET_URL$]", passwordResetURL, "[$REMOTE_ADDRESS$]", serviceContext.getRemoteAddr(), "[$REMOTE_HOST$]", serviceContext.getRemoteHost(), "[$USER_ID$]", user.getUserId(), "[$USER_PASSWORD$]", newPassword, "[$USER_SCREENNAME$]", user.getScreenName());
    subscriptionSender.setFrom(fromAddress, fromName);
    subscriptionSender.setHtmlFormat(true);
    subscriptionSender.setMailId("user", user.getUserId(), System.currentTimeMillis(), PwdGenerator.getPassword());
    subscriptionSender.setServiceContext(serviceContext);
    subscriptionSender.setSubject(subject);
    subscriptionSender.setUserId(user.getUserId());
    subscriptionSender.addRuntimeSubscribers(toAddress, toName);
    subscriptionSender.flushNotificationsAsync();
}
Also used : Ticket(com.liferay.portal.model.Ticket) Company(com.liferay.portal.model.Company) User(com.liferay.portal.model.User) UserEmailAddressException(com.liferay.portal.UserEmailAddressException) ReservedUserEmailAddressException(com.liferay.portal.ReservedUserEmailAddressException) DuplicateUserEmailAddressException(com.liferay.portal.DuplicateUserEmailAddressException) PasswordPolicy(com.liferay.portal.model.PasswordPolicy) RegExpToolkit(com.liferay.portal.security.pwd.RegExpToolkit) Date(java.util.Date) StringBundler(com.liferay.portal.kernel.util.StringBundler) SubscriptionSender(com.liferay.portal.util.SubscriptionSender)

Aggregations

DuplicateUserEmailAddressException (com.liferay.portal.DuplicateUserEmailAddressException)3 ReservedUserEmailAddressException (com.liferay.portal.ReservedUserEmailAddressException)3 UserEmailAddressException (com.liferay.portal.UserEmailAddressException)3 PasswordPolicy (com.liferay.portal.model.PasswordPolicy)2 User (com.liferay.portal.model.User)2 CompanyMaxUsersException (com.liferay.portal.CompanyMaxUsersException)1 ContactBirthdayException (com.liferay.portal.ContactBirthdayException)1 ContactFirstNameException (com.liferay.portal.ContactFirstNameException)1 ContactFullNameException (com.liferay.portal.ContactFullNameException)1 ContactLastNameException (com.liferay.portal.ContactLastNameException)1 DuplicateOpenIdException (com.liferay.portal.DuplicateOpenIdException)1 DuplicateUserScreenNameException (com.liferay.portal.DuplicateUserScreenNameException)1 GroupFriendlyURLException (com.liferay.portal.GroupFriendlyURLException)1 ModelListenerException (com.liferay.portal.ModelListenerException)1 NoSuchImageException (com.liferay.portal.NoSuchImageException)1 NoSuchOrganizationException (com.liferay.portal.NoSuchOrganizationException)1 NoSuchRoleException (com.liferay.portal.NoSuchRoleException)1 NoSuchTicketException (com.liferay.portal.NoSuchTicketException)1 NoSuchUserException (com.liferay.portal.NoSuchUserException)1 NoSuchUserGroupException (com.liferay.portal.NoSuchUserGroupException)1