1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.permission;
24  
25  import com.liferay.portal.NoSuchResourceException;
26  import com.liferay.portal.PortalException;
27  import com.liferay.portal.SystemException;
28  import com.liferay.portal.model.Group;
29  import com.liferay.portal.model.Layout;
30  import com.liferay.portal.model.LayoutConstants;
31  import com.liferay.portal.model.ResourceConstants;
32  import com.liferay.portal.security.auth.PrincipalException;
33  import com.liferay.portal.security.permission.ActionKeys;
34  import com.liferay.portal.security.permission.PermissionChecker;
35  import com.liferay.portal.service.GroupLocalServiceUtil;
36  import com.liferay.portal.service.LayoutLocalServiceUtil;
37  import com.liferay.portal.service.ResourceLocalServiceUtil;
38  import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
39  import com.liferay.portal.util.PropsValues;
40  
41  /**
42   * <a href="LayoutPermissionImpl.java.html"><b><i>View Source</i></b></a>
43   *
44   * @author Charles May
45   * @author Brian Wing Shun Chan
46   *
47   */
48  public class LayoutPermissionImpl implements LayoutPermission {
49  
50      public void check(
51              PermissionChecker permissionChecker, long plid, String actionId)
52          throws PortalException, SystemException {
53  
54          if (!contains(permissionChecker, plid, actionId)) {
55              throw new PrincipalException();
56          }
57      }
58  
59      public void check(
60              PermissionChecker permissionChecker, long groupId,
61              boolean privateLayout, long layoutId, String actionId)
62          throws PortalException, SystemException {
63  
64          if (!contains(
65                  permissionChecker, groupId, privateLayout, layoutId,
66                  actionId)) {
67  
68              throw new PrincipalException();
69          }
70      }
71  
72      public void check(
73              PermissionChecker permissionChecker, Layout layout, String actionId)
74          throws PortalException, SystemException {
75  
76          if (!contains(permissionChecker, layout, actionId)) {
77              throw new PrincipalException();
78          }
79      }
80  
81      public boolean contains(
82              PermissionChecker permissionChecker, long plid, String actionId)
83          throws PortalException, SystemException {
84  
85          Layout layout = LayoutLocalServiceUtil.getLayout(plid);
86  
87          return contains(permissionChecker, layout, actionId);
88      }
89  
90      public boolean contains(
91              PermissionChecker permissionChecker, long groupId,
92              boolean privateLayout, long layoutId, String actionId)
93          throws PortalException, SystemException {
94  
95          if (layoutId == LayoutConstants.DEFAULT_PARENT_LAYOUT_ID) {
96              if (GroupPermissionUtil.contains(
97                      permissionChecker, groupId, ActionKeys.MANAGE_LAYOUTS)) {
98  
99                  return true;
100             }
101             else {
102                 return false;
103             }
104         }
105         else {
106             Layout layout = LayoutLocalServiceUtil.getLayout(
107                 groupId, privateLayout, layoutId);
108 
109             return contains(permissionChecker, layout, actionId);
110         }
111     }
112 
113     public boolean contains(
114             PermissionChecker permissionChecker, Layout layout, String actionId)
115         throws PortalException, SystemException {
116 
117         if ((layout.isPrivateLayout() &&
118              !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
119             (layout.isPublicLayout() &&
120              !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
121 
122             if (actionId.equals(ActionKeys.UPDATE)) {
123                 Group group = GroupLocalServiceUtil.getGroup(
124                     layout.getGroupId());
125 
126                 if (group.isUser()) {
127                     return false;
128                 }
129             }
130         }
131 
132         if (GroupPermissionUtil.contains(
133                 permissionChecker, layout.getGroupId(),
134                 ActionKeys.MANAGE_LAYOUTS)) {
135 
136             return true;
137         }
138 
139         try {
140             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
141                 if (ResourcePermissionLocalServiceUtil.
142                         getResourcePermissionsCount(
143                             layout.getCompanyId(), Layout.class.getName(),
144                             ResourceConstants.SCOPE_INDIVIDUAL,
145                             String.valueOf(layout.getPlid())) == 0) {
146 
147                     throw new NoSuchResourceException();
148                 }
149             }
150             else {
151                 ResourceLocalServiceUtil.getResource(
152                     layout.getCompanyId(), Layout.class.getName(),
153                     ResourceConstants.SCOPE_INDIVIDUAL,
154                     String.valueOf(layout.getPlid()));
155             }
156         }
157         catch (NoSuchResourceException nsre) {
158             boolean addCommunityPermission = true;
159             boolean addGuestPermission = true;
160 
161             if (layout.isPrivateLayout()) {
162                 addGuestPermission = false;
163             }
164 
165             ResourceLocalServiceUtil.addResources(
166                 layout.getCompanyId(), layout.getGroupId(), 0,
167                 Layout.class.getName(), layout.getPlid(), false,
168                 addCommunityPermission, addGuestPermission);
169         }
170 
171         return permissionChecker.hasPermission(
172             layout.getGroupId(), Layout.class.getName(), layout.getPlid(),
173             actionId);
174     }
175 
176 }