use of com.liferay.portal.model.PasswordPolicy in project liferay-ide by liferay.
the class UserLocalServiceImpl method sendPassword.
/**
* Sends the password email to the user with the email address. The content
* of this email can be specified in <code>portal.properties</code> with the
* <code>admin.email.password</code> keys.
*
* @param companyId the primary key of the user's company
* @param emailAddress the user's email address
* @param fromName the name of the individual that the email should be from
* @param fromAddress the address of the individual that the email should
* be from
* @param subject the email subject. If <code>null</code>, the subject
* specified in <code>portal.properties</code> will be used.
* @param body the email body. If <code>null</code>, the body specified in
* <code>portal.properties</code> will be used.
* @param serviceContext the service context to be applied
* @throws PortalException if a user with the email address could not be
* found
* @throws SystemException if a system exception occurred
*/
@Override
public void sendPassword(long companyId, String emailAddress, String fromName, String fromAddress, String subject, String body, ServiceContext serviceContext) throws PortalException, SystemException {
Company company = companyPersistence.findByPrimaryKey(companyId);
if (!company.isSendPassword() && !company.isSendPasswordResetLink()) {
return;
}
emailAddress = StringUtil.toLowerCase(emailAddress.trim());
if (Validator.isNull(emailAddress)) {
throw new UserEmailAddressException();
}
User user = userPersistence.findByC_EA(companyId, emailAddress);
PasswordPolicy passwordPolicy = user.getPasswordPolicy();
String newPassword = StringPool.BLANK;
String passwordResetURL = StringPool.BLANK;
if (company.isSendPasswordResetLink()) {
Date expirationDate = null;
if ((passwordPolicy != null) && (passwordPolicy.getResetTicketMaxAge() > 0)) {
expirationDate = new Date(System.currentTimeMillis() + (passwordPolicy.getResetTicketMaxAge() * 1000));
}
Ticket ticket = ticketLocalService.addTicket(companyId, User.class.getName(), user.getUserId(), TicketConstants.TYPE_PASSWORD, null, expirationDate, serviceContext);
passwordResetURL = serviceContext.getPortalURL() + serviceContext.getPathMain() + "/portal/update_password?p_l_id=" + serviceContext.getPlid() + "&ticketKey=" + ticket.getKey();
} else {
if (!PasswordEncryptorUtil.PASSWORDS_ENCRYPTION_ALGORITHM.equals(PasswordEncryptorUtil.TYPE_NONE)) {
if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
if (_log.isWarnEnabled()) {
StringBundler sb = new StringBundler(5);
sb.append("When LDAP password policy is enabled, ");
sb.append("it is possible that portal generated ");
sb.append("passwords will not match the LDAP policy.");
sb.append("Using RegExpToolkit to generate new ");
sb.append("password.");
_log.warn(sb.toString());
}
RegExpToolkit regExpToolkit = new RegExpToolkit();
newPassword = regExpToolkit.generate(null);
} else {
newPassword = PwdToolkitUtil.generate(passwordPolicy);
}
boolean passwordReset = false;
if (passwordPolicy.getChangeable() && passwordPolicy.getChangeRequired()) {
passwordReset = true;
}
user.setPassword(PasswordEncryptorUtil.encrypt(newPassword));
user.setPasswordUnencrypted(newPassword);
user.setPasswordEncrypted(true);
user.setPasswordReset(passwordReset);
user.setPasswordModified(true);
user.setPasswordModifiedDate(new Date());
userPersistence.update(user);
user.setPasswordModified(false);
} else {
newPassword = user.getPassword();
}
}
if (Validator.isNull(fromName)) {
fromName = PrefsPropsUtil.getString(companyId, PropsKeys.ADMIN_EMAIL_FROM_NAME);
}
if (Validator.isNull(fromAddress)) {
fromAddress = PrefsPropsUtil.getString(companyId, PropsKeys.ADMIN_EMAIL_FROM_ADDRESS);
}
String toName = user.getFullName();
String toAddress = user.getEmailAddress();
if (Validator.isNull(subject)) {
if (company.isSendPasswordResetLink()) {
subject = PrefsPropsUtil.getContent(companyId, PropsKeys.ADMIN_EMAIL_PASSWORD_RESET_SUBJECT);
} else {
subject = PrefsPropsUtil.getContent(companyId, PropsKeys.ADMIN_EMAIL_PASSWORD_SENT_SUBJECT);
}
}
if (Validator.isNull(body)) {
if (company.isSendPasswordResetLink()) {
body = PrefsPropsUtil.getContent(companyId, PropsKeys.ADMIN_EMAIL_PASSWORD_RESET_BODY);
} else {
body = PrefsPropsUtil.getContent(companyId, PropsKeys.ADMIN_EMAIL_PASSWORD_SENT_BODY);
}
}
SubscriptionSender subscriptionSender = new SubscriptionSender();
subscriptionSender.setBody(body);
subscriptionSender.setCompanyId(companyId);
subscriptionSender.setContextAttributes("[$PASSWORD_RESET_URL$]", passwordResetURL, "[$REMOTE_ADDRESS$]", serviceContext.getRemoteAddr(), "[$REMOTE_HOST$]", serviceContext.getRemoteHost(), "[$USER_ID$]", user.getUserId(), "[$USER_PASSWORD$]", newPassword, "[$USER_SCREENNAME$]", user.getScreenName());
subscriptionSender.setFrom(fromAddress, fromName);
subscriptionSender.setHtmlFormat(true);
subscriptionSender.setMailId("user", user.getUserId(), System.currentTimeMillis(), PwdGenerator.getPassword());
subscriptionSender.setServiceContext(serviceContext);
subscriptionSender.setSubject(subject);
subscriptionSender.setUserId(user.getUserId());
subscriptionSender.addRuntimeSubscribers(toAddress, toName);
subscriptionSender.flushNotificationsAsync();
}
use of com.liferay.portal.model.PasswordPolicy in project liferay-ide by liferay.
the class UserLocalServiceImpl method isPasswordExpired.
/**
* Returns <code>true</code> if the user's password is expired.
*
* @param user the user
* @return <code>true</code> if the user's password is expired;
* <code>false</code> otherwise
* @throws PortalException if the password policy for the user could not be
* found
* @throws SystemException if a system exception occurred
*/
@Override
public boolean isPasswordExpired(User user) throws PortalException, SystemException {
PasswordPolicy passwordPolicy = user.getPasswordPolicy();
if ((passwordPolicy != null) && passwordPolicy.getExpireable()) {
Date now = new Date();
if (user.getPasswordModifiedDate() == null) {
user.setPasswordModifiedDate(now);
userLocalService.updateUser(user);
}
long passwordStartTime = user.getPasswordModifiedDate().getTime();
long elapsedTime = now.getTime() - passwordStartTime;
if (elapsedTime > (passwordPolicy.getMaxAge() * 1000)) {
return true;
} else {
return false;
}
}
return false;
}
use of com.liferay.portal.model.PasswordPolicy in project liferay-ide by liferay.
the class UserLocalServiceImpl method addUserWithWorkflow.
/**
* Adds a user with workflow.
*
* <p>
* This method handles the creation and bookkeeping of the user including
* its resources, metadata, and internal data structures. It is not
* necessary to make subsequent calls to any methods to setup default
* groups, resources, etc.
* </p>
*
* @param creatorUserId the primary key of the creator
* @param companyId the primary key of the user's company
* @param autoPassword whether a password should be automatically generated
* for the user
* @param password1 the user's password
* @param password2 the user's password confirmation
* @param autoScreenName whether a screen name should be automatically
* generated for the user
* @param screenName the user's screen name
* @param emailAddress the user's email address
* @param facebookId the user's facebook ID
* @param openId the user's OpenID
* @param locale the user's locale
* @param firstName the user's first name
* @param middleName the user's middle name
* @param lastName the user's last name
* @param prefixId the user's name prefix ID
* @param suffixId the user's name suffix ID
* @param male whether the user is male
* @param birthdayMonth the user's birthday month (0-based, meaning 0 for
* January)
* @param birthdayDay the user's birthday day
* @param birthdayYear the user's birthday year
* @param jobTitle the user's job title
* @param groupIds the primary keys of the user's groups
* @param organizationIds the primary keys of the user's organizations
* @param roleIds the primary keys of the roles this user possesses
* @param userGroupIds the primary keys of the user's user groups
* @param sendEmail whether to send the user an email notification about
* their new account
* @param serviceContext the service context to be applied (optionally
* <code>null</code>). Can set the UUID (with the <code>uuid</code>
* attribute), asset category IDs, asset tag names, and expando
* bridge attributes for the user.
* @return the new user
* @throws PortalException if the user's information was invalid
* @throws SystemException if a system exception occurred
*/
@Override
@SuppressWarnings("deprecation")
public User addUserWithWorkflow(long creatorUserId, long companyId, boolean autoPassword, String password1, String password2, boolean autoScreenName, String screenName, String emailAddress, long facebookId, String openId, Locale locale, String firstName, String middleName, String lastName, int prefixId, int suffixId, boolean male, int birthdayMonth, int birthdayDay, int birthdayYear, String jobTitle, long[] groupIds, long[] organizationIds, long[] roleIds, long[] userGroupIds, boolean sendEmail, ServiceContext serviceContext) throws PortalException, SystemException {
// User
Company company = companyPersistence.findByPrimaryKey(companyId);
screenName = getLogin(screenName);
openId = StringUtil.trim(openId);
Date now = new Date();
if (PrefsPropsUtil.getBoolean(companyId, PropsKeys.USERS_SCREEN_NAME_ALWAYS_AUTOGENERATE)) {
autoScreenName = true;
}
// PLACEHOLDER 01
long userId = counterLocalService.increment();
EmailAddressGenerator emailAddressGenerator = EmailAddressGeneratorFactory.getInstance();
if ((emailAddress == null) || emailAddressGenerator.isGenerated(emailAddress)) {
emailAddress = StringPool.BLANK;
} else {
emailAddress = StringUtil.toLowerCase(emailAddress.trim());
}
if (!PrefsPropsUtil.getBoolean(companyId, PropsKeys.USERS_EMAIL_ADDRESS_REQUIRED) && Validator.isNull(emailAddress)) {
emailAddress = emailAddressGenerator.generate(companyId, userId);
}
validate(companyId, userId, autoPassword, password1, password2, autoScreenName, screenName, emailAddress, openId, firstName, middleName, lastName, organizationIds);
if (!autoPassword) {
if (Validator.isNull(password1) || Validator.isNull(password2)) {
throw new UserPasswordException(UserPasswordException.PASSWORD_INVALID);
}
}
if (autoScreenName) {
ScreenNameGenerator screenNameGenerator = ScreenNameGeneratorFactory.getInstance();
try {
screenName = screenNameGenerator.generate(companyId, userId, emailAddress);
} catch (Exception e) {
throw new SystemException(e);
}
}
User defaultUser = getDefaultUser(companyId);
FullNameGenerator fullNameGenerator = FullNameGeneratorFactory.getInstance();
String fullName = fullNameGenerator.getFullName(firstName, middleName, lastName);
String greeting = LanguageUtil.format(locale, "welcome-x", " " + fullName, false);
User user = userPersistence.create(userId);
if (serviceContext != null) {
String uuid = serviceContext.getUuid();
if (Validator.isNotNull(uuid)) {
user.setUuid(uuid);
}
}
user.setCompanyId(companyId);
user.setCreateDate(now);
user.setModifiedDate(now);
user.setDefaultUser(false);
user.setContactId(counterLocalService.increment());
if (Validator.isNotNull(password1)) {
user.setPassword(PasswordEncryptorUtil.encrypt(password1));
user.setPasswordUnencrypted(password1);
}
user.setPasswordEncrypted(true);
PasswordPolicy passwordPolicy = defaultUser.getPasswordPolicy();
boolean passwordReset = false;
if (passwordPolicy != null) {
if (passwordPolicy.isChangeable() && passwordPolicy.isChangeRequired()) {
passwordReset = true;
}
addPasswordPolicyUsers(passwordPolicy.getPasswordPolicyId(), new long[] { userId });
}
user.setPasswordReset(passwordReset);
user.setDigest(StringPool.BLANK);
user.setScreenName(screenName);
user.setEmailAddress(emailAddress);
user.setFacebookId(facebookId);
Long ldapServerId = (Long) serviceContext.getAttribute("ldapServerId");
if (ldapServerId != null) {
user.setLdapServerId(ldapServerId);
} else {
user.setLdapServerId(-1);
}
user.setOpenId(openId);
user.setLanguageId(LocaleUtil.toLanguageId(locale));
user.setTimeZoneId(defaultUser.getTimeZoneId());
user.setGreeting(greeting);
user.setFirstName(firstName);
user.setMiddleName(middleName);
user.setLastName(lastName);
user.setJobTitle(jobTitle);
user.setStatus(WorkflowConstants.STATUS_DRAFT);
user.setExpandoBridgeAttributes(serviceContext);
userPersistence.update(user, serviceContext);
// Contact
String creatorUserName = StringPool.BLANK;
if (creatorUserId <= 0) {
creatorUserId = user.getUserId();
// Don't grab the full name from the User object because it doesn't
// have a corresponding Contact object yet
// creatorUserName = user.getFullName();
} else {
User creatorUser = userPersistence.findByPrimaryKey(creatorUserId);
creatorUserName = creatorUser.getFullName();
}
Date birthday = getBirthday(birthdayMonth, birthdayDay, birthdayYear);
Contact contact = contactPersistence.create(user.getContactId());
contact.setCompanyId(user.getCompanyId());
contact.setUserId(creatorUserId);
contact.setUserName(creatorUserName);
contact.setCreateDate(now);
contact.setModifiedDate(now);
contact.setClassName(User.class.getName());
contact.setClassPK(user.getUserId());
contact.setAccountId(company.getAccountId());
contact.setParentContactId(ContactConstants.DEFAULT_PARENT_CONTACT_ID);
contact.setEmailAddress(user.getEmailAddress());
contact.setFirstName(firstName);
contact.setMiddleName(middleName);
contact.setLastName(lastName);
contact.setPrefixId(prefixId);
contact.setSuffixId(suffixId);
contact.setMale(male);
contact.setBirthday(birthday);
contact.setJobTitle(jobTitle);
contactPersistence.update(contact, serviceContext);
// Group
groupLocalService.addGroup(user.getUserId(), GroupConstants.DEFAULT_PARENT_GROUP_ID, User.class.getName(), user.getUserId(), null, null, 0, StringPool.SLASH + screenName, false, true, null);
if (groupIds != null) {
List<Group> groups = new ArrayList<Group>();
for (long groupId : groupIds) {
Group group = groupLocalService.fetchGroup(groupId);
if (group != null) {
groups.add(group);
} else {
if (_log.isWarnEnabled()) {
_log.warn("Group " + groupId + " does not exist");
}
}
}
groupLocalService.addUserGroups(userId, groups);
}
addDefaultGroups(userId);
// Organizations
updateOrganizations(userId, organizationIds, false);
if (roleIds != null) {
roleIds = UsersAdminUtil.addRequiredRoles(user, roleIds);
userPersistence.setRoles(userId, roleIds);
}
addDefaultRoles(userId);
if (userGroupIds != null) {
if (PropsValues.USER_GROUPS_COPY_LAYOUTS_TO_USER_PERSONAL_SITE) {
for (long userGroupId : userGroupIds) {
userGroupLocalService.copyUserGroupLayouts(userGroupId, new long[] { userId });
}
}
userPersistence.setUserGroups(userId, userGroupIds);
}
addDefaultUserGroups(userId);
// Resources
resourceLocalService.addResources(companyId, 0, creatorUserId, User.class.getName(), user.getUserId(), false, false, false);
if (serviceContext != null) {
updateAsset(creatorUserId, user, serviceContext.getAssetCategoryIds(), serviceContext.getAssetTagNames());
}
if ((serviceContext == null) || serviceContext.isIndexingEnabled()) {
reindex(user);
}
// Workflow
long workflowUserId = creatorUserId;
if (workflowUserId == userId) {
workflowUserId = defaultUser.getUserId();
}
ServiceContext workflowServiceContext = serviceContext;
if (workflowServiceContext == null) {
workflowServiceContext = new ServiceContext();
}
workflowServiceContext.setAttribute("autoPassword", autoPassword);
workflowServiceContext.setAttribute("passwordUnencrypted", password1);
workflowServiceContext.setAttribute("sendEmail", sendEmail);
WorkflowHandlerRegistryUtil.startWorkflowInstance(companyId, workflowUserId, User.class.getName(), userId, user, workflowServiceContext);
if (serviceContext != null) {
String passwordUnencrypted = (String) serviceContext.getAttribute("passwordUnencrypted");
if (Validator.isNotNull(passwordUnencrypted)) {
user.setPasswordUnencrypted(passwordUnencrypted);
}
}
return user;
}
use of com.liferay.portal.model.PasswordPolicy in project liferay-ide by liferay.
the class UserLocalServiceImpl method updateIncompleteUser.
/**
* Updates a user account that was automatically created when a guest user
* participated in an action (e.g. posting a comment) and only provided his
* name and email address.
*
* @param creatorUserId the primary key of the creator
* @param companyId the primary key of the user's company
* @param autoPassword whether a password should be automatically generated
* for the user
* @param password1 the user's password
* @param password2 the user's password confirmation
* @param autoScreenName whether a screen name should be automatically
* generated for the user
* @param screenName the user's screen name
* @param emailAddress the user's email address
* @param facebookId the user's facebook ID
* @param openId the user's OpenID
* @param locale the user's locale
* @param firstName the user's first name
* @param middleName the user's middle name
* @param lastName the user's last name
* @param prefixId the user's name prefix ID
* @param suffixId the user's name suffix ID
* @param male whether the user is male
* @param birthdayMonth the user's birthday month (0-based, meaning 0 for
* January)
* @param birthdayDay the user's birthday day
* @param birthdayYear the user's birthday year
* @param jobTitle the user's job title
* @param updateUserInformation whether to update the user's information
* @param sendEmail whether to send the user an email notification about
* their new account
* @param serviceContext the service context to be applied (optionally
* <code>null</code>). Can set expando bridge attributes for the
* user.
* @return the user
* @throws PortalException if the user's information was invalid
* @throws SystemException if a system exception occurred
*/
@Override
public User updateIncompleteUser(long creatorUserId, long companyId, boolean autoPassword, String password1, String password2, boolean autoScreenName, String screenName, String emailAddress, long facebookId, String openId, Locale locale, String firstName, String middleName, String lastName, int prefixId, int suffixId, boolean male, int birthdayMonth, int birthdayDay, int birthdayYear, String jobTitle, boolean updateUserInformation, boolean sendEmail, ServiceContext serviceContext) throws PortalException, SystemException {
User user = getUserByEmailAddress(companyId, emailAddress);
if (user.getStatus() != WorkflowConstants.STATUS_INCOMPLETE) {
throw new PortalException("Invalid user status");
}
User defaultUser = getDefaultUser(companyId);
if (facebookId > 0) {
autoPassword = false;
if ((password1 == null) || (password2 == null)) {
password1 = PwdGenerator.getPassword();
password2 = password1;
}
sendEmail = false;
}
if (updateUserInformation) {
autoScreenName = false;
if (PrefsPropsUtil.getBoolean(companyId, PropsKeys.USERS_SCREEN_NAME_ALWAYS_AUTOGENERATE)) {
autoScreenName = true;
}
validate(companyId, user.getUserId(), autoPassword, password1, password2, autoScreenName, screenName, emailAddress, openId, firstName, middleName, lastName, null);
if (!autoPassword) {
if (Validator.isNull(password1) || Validator.isNull(password2)) {
throw new UserPasswordException(UserPasswordException.PASSWORD_INVALID);
}
}
if (autoScreenName) {
ScreenNameGenerator screenNameGenerator = ScreenNameGeneratorFactory.getInstance();
try {
screenName = screenNameGenerator.generate(companyId, user.getUserId(), emailAddress);
} catch (Exception e) {
throw new SystemException(e);
}
}
FullNameGenerator fullNameGenerator = FullNameGeneratorFactory.getInstance();
String fullName = fullNameGenerator.getFullName(firstName, middleName, lastName);
String greeting = LanguageUtil.format(locale, "welcome-x", " " + fullName, false);
if (Validator.isNotNull(password1)) {
user.setPassword(PasswordEncryptorUtil.encrypt(password1));
user.setPasswordUnencrypted(password1);
}
user.setPasswordEncrypted(true);
PasswordPolicy passwordPolicy = defaultUser.getPasswordPolicy();
if ((passwordPolicy != null) && passwordPolicy.isChangeable() && passwordPolicy.isChangeRequired()) {
user.setPasswordReset(true);
} else {
user.setPasswordReset(false);
}
user.setScreenName(screenName);
user.setFacebookId(facebookId);
user.setOpenId(openId);
user.setLanguageId(locale.toString());
user.setTimeZoneId(defaultUser.getTimeZoneId());
user.setGreeting(greeting);
user.setFirstName(firstName);
user.setMiddleName(middleName);
user.setLastName(lastName);
user.setJobTitle(jobTitle);
user.setExpandoBridgeAttributes(serviceContext);
Date birthday = getBirthday(birthdayMonth, birthdayDay, birthdayYear);
Contact contact = user.getContact();
contact.setFirstName(firstName);
contact.setMiddleName(middleName);
contact.setLastName(lastName);
contact.setPrefixId(prefixId);
contact.setSuffixId(suffixId);
contact.setMale(male);
contact.setBirthday(birthday);
contact.setJobTitle(jobTitle);
contactPersistence.update(contact, serviceContext);
// Indexer
Indexer indexer = IndexerRegistryUtil.nullSafeGetIndexer(User.class);
indexer.reindex(user);
}
user.setStatus(WorkflowConstants.STATUS_DRAFT);
userPersistence.update(user, serviceContext);
// Workflow
long workflowUserId = creatorUserId;
if (workflowUserId == user.getUserId()) {
workflowUserId = defaultUser.getUserId();
}
ServiceContext workflowServiceContext = serviceContext;
if (workflowServiceContext == null) {
workflowServiceContext = new ServiceContext();
}
workflowServiceContext.setAttribute("autoPassword", autoPassword);
workflowServiceContext.setAttribute("passwordUnencrypted", password1);
workflowServiceContext.setAttribute("sendEmail", sendEmail);
WorkflowHandlerRegistryUtil.startWorkflowInstance(companyId, workflowUserId, User.class.getName(), user.getUserId(), user, workflowServiceContext);
return getUserByEmailAddress(companyId, emailAddress);
}
use of com.liferay.portal.model.PasswordPolicy in project liferay-ide by liferay.
the class UserLocalServiceImpl method checkLockout.
/**
* Checks if the user is currently locked out based on the password policy,
* and performs maintenance on the user's lockout and failed login data.
*
* @param user the user
* @throws PortalException if the user was determined to still be locked out
* @throws SystemException if a system exception occurred
*/
@Override
public void checkLockout(User user) throws PortalException, SystemException {
if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
return;
}
PasswordPolicy passwordPolicy = user.getPasswordPolicy();
if (!passwordPolicy.isLockout()) {
return;
}
// Reset failure count
Date now = new Date();
int failedLoginAttempts = user.getFailedLoginAttempts();
if (failedLoginAttempts > 0) {
long failedLoginTime = user.getLastFailedLoginDate().getTime();
long elapsedTime = now.getTime() - failedLoginTime;
long requiredElapsedTime = passwordPolicy.getResetFailureCount() * 1000;
if ((requiredElapsedTime != 0) && (elapsedTime > requiredElapsedTime)) {
user.setFailedLoginAttempts(0);
userPersistence.update(user);
}
}
if (user.isLockout()) {
long lockoutTime = user.getLockoutDate().getTime();
long elapsedTime = now.getTime() - lockoutTime;
long requiredElapsedTime = passwordPolicy.getLockoutDuration() * 1000;
if ((requiredElapsedTime != 0) && (elapsedTime > requiredElapsedTime)) {
user.setLockout(false);
user.setLockoutDate(null);
userPersistence.update(user);
}
}
if (user.isLockout()) {
throw new UserLockoutException();
}
}
Aggregations