1
19
20 package com.liferay.portal.service.permission;
21
22 import com.liferay.portal.PortalException;
23 import com.liferay.portal.SystemException;
24 import com.liferay.portal.kernel.log.Log;
25 import com.liferay.portal.kernel.log.LogFactoryUtil;
26 import com.liferay.portal.model.Group;
27 import com.liferay.portal.model.GroupConstants;
28 import com.liferay.portal.model.Layout;
29 import com.liferay.portal.model.Portlet;
30 import com.liferay.portal.model.PortletConstants;
31 import com.liferay.portal.security.auth.PrincipalException;
32 import com.liferay.portal.security.permission.ActionKeys;
33 import com.liferay.portal.security.permission.PermissionChecker;
34 import com.liferay.portal.security.permission.ResourceActionsUtil;
35 import com.liferay.portal.service.GroupLocalServiceUtil;
36 import com.liferay.portal.service.LayoutLocalServiceUtil;
37 import com.liferay.portal.util.PropsValues;
38
39 import java.util.List;
40
41
47 public class PortletPermissionImpl implements PortletPermission {
48
49 public static final boolean DEFAULT_STRICT = false;
50
51 public void check(
52 PermissionChecker permissionChecker, String portletId,
53 String actionId)
54 throws PortalException, SystemException {
55
56 if (!contains(permissionChecker, portletId, actionId)) {
57 throw new PrincipalException();
58 }
59 }
60
61 public void check(
62 PermissionChecker permissionChecker, long plid, String portletId,
63 String actionId)
64 throws PortalException, SystemException {
65
66 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
67 }
68
69 public void check(
70 PermissionChecker permissionChecker, long plid, String portletId,
71 String actionId, boolean strict)
72 throws PortalException, SystemException {
73
74 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
75 throw new PrincipalException();
76 }
77 }
78
79 public boolean contains(
80 PermissionChecker permissionChecker, String portletId,
81 String actionId)
82 throws PortalException, SystemException {
83
84 return contains(permissionChecker, 0, portletId, actionId);
85 }
86
87 public boolean contains(
88 PermissionChecker permissionChecker, long plid, String portletId,
89 String actionId)
90 throws PortalException, SystemException {
91
92 return contains(
93 permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
94 }
95
96 public boolean contains(
97 PermissionChecker permissionChecker, long plid, String portletId,
98 String actionId, boolean strict)
99 throws PortalException, SystemException {
100
101 long groupId = 0;
102 String name = null;
103 String primKey = null;
104
105 if (plid > 0) {
106 Layout layout = LayoutLocalServiceUtil.getLayout(plid);
107
108 groupId = layout.getGroupId();
109 name = PortletConstants.getRootPortletId(portletId);
110 primKey = getPrimaryKey(plid, portletId);
111
112 if ((layout.isPrivateLayout() &&
113 !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
114 (layout.isPublicLayout() &&
115 !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
116
117 if (actionId.equals(ActionKeys.CONFIGURATION)) {
118 Group group = GroupLocalServiceUtil.getGroup(
119 layout.getGroupId());
120
121 if (group.isUser()) {
122 return false;
123 }
124 }
125 }
126
127 if (actionId.equals(ActionKeys.VIEW)) {
128 Group group = GroupLocalServiceUtil.getGroup(
129 layout.getGroupId());
130
131 if (group.getName().equals(GroupConstants.CONTROL_PANEL)) {
132 return true;
133 }
134 }
135
136 if (!strict) {
137 if (LayoutPermissionUtil.contains(
138 permissionChecker, groupId, layout.isPrivateLayout(),
139 layout.getLayoutId(), ActionKeys.UPDATE) &&
140 hasLayoutManagerPermission(portletId, actionId)) {
141
142 return true;
143 }
144 }
145 }
146 else {
147 name = portletId;
148 primKey = portletId;
149 }
150
151 return permissionChecker.hasPermission(
152 groupId, name, primKey, actionId);
153 }
154
155 public boolean contains(
156 PermissionChecker permissionChecker, long plid, Portlet portlet,
157 String actionId)
158 throws PortalException, SystemException {
159
160 return contains(
161 permissionChecker, plid, portlet, actionId, DEFAULT_STRICT);
162 }
163
164 public boolean contains(
165 PermissionChecker permissionChecker, long plid, Portlet portlet,
166 String actionId, boolean strict)
167 throws PortalException, SystemException {
168
169 boolean value = contains(
170 permissionChecker, plid, portlet.getPortletId(), actionId, strict);
171
172 if (value) {
173 return true;
174 }
175 else {
176 if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
177 return true;
178 }
179 else {
180 return false;
181 }
182 }
183 }
184
185 public String getPrimaryKey(long plid, String portletId) {
186 StringBuilder sb = new StringBuilder();
187
188 sb.append(plid);
189 sb.append(PortletConstants.LAYOUT_SEPARATOR);
190 sb.append(portletId);
191
192 return sb.toString();
193 }
194
195 public boolean hasLayoutManagerPermission(
196 String portletId, String actionId) {
197
198 try {
199 return hasLayoutManagerPermissionImpl(portletId, actionId);
200 }
201 catch (Exception e) {
202 _log.error(e, e);
203
204 return false;
205 }
206 }
207
208 protected boolean hasLayoutManagerPermissionImpl(
209 String portletId, String actionId) {
210
211 portletId = PortletConstants.getRootPortletId(portletId);
212
213 List<String> layoutManagerActions =
214 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
215 portletId);
216
217 return layoutManagerActions.contains(actionId);
218 }
219
220 private static Log _log =
221 LogFactoryUtil.getLog(PortletPermissionImpl.class);
222
223 }