1
19
20 package com.liferay.portlet.portletconfiguration.action;
21
22 import com.liferay.portal.kernel.servlet.SessionErrors;
23 import com.liferay.portal.kernel.util.Constants;
24 import com.liferay.portal.kernel.util.GetterUtil;
25 import com.liferay.portal.kernel.util.ParamUtil;
26 import com.liferay.portal.kernel.util.StringUtil;
27 import com.liferay.portal.kernel.util.Validator;
28 import com.liferay.portal.model.Group;
29 import com.liferay.portal.model.Layout;
30 import com.liferay.portal.model.Organization;
31 import com.liferay.portal.model.Portlet;
32 import com.liferay.portal.model.PortletConstants;
33 import com.liferay.portal.model.Resource;
34 import com.liferay.portal.model.Role;
35 import com.liferay.portal.model.UserGroup;
36 import com.liferay.portal.security.auth.PrincipalException;
37 import com.liferay.portal.security.permission.ResourceActionsUtil;
38 import com.liferay.portal.service.LayoutLocalServiceUtil;
39 import com.liferay.portal.service.PermissionServiceUtil;
40 import com.liferay.portal.service.PortletLocalServiceUtil;
41 import com.liferay.portal.service.ResourceLocalServiceUtil;
42 import com.liferay.portal.service.ResourcePermissionServiceUtil;
43 import com.liferay.portal.servlet.filters.cache.CacheUtil;
44 import com.liferay.portal.theme.ThemeDisplay;
45 import com.liferay.portal.util.PropsValues;
46 import com.liferay.portal.util.WebKeys;
47
48 import java.util.ArrayList;
49 import java.util.Enumeration;
50 import java.util.List;
51
52 import javax.portlet.ActionRequest;
53 import javax.portlet.ActionResponse;
54 import javax.portlet.PortletConfig;
55 import javax.portlet.RenderRequest;
56 import javax.portlet.RenderResponse;
57
58 import org.apache.struts.action.ActionForm;
59 import org.apache.struts.action.ActionForward;
60 import org.apache.struts.action.ActionMapping;
61
62
68 public class EditPermissionsAction extends EditConfigurationAction {
69
70 public void processAction(
71 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
72 ActionRequest actionRequest, ActionResponse actionResponse)
73 throws Exception {
74
75 String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
76
77 try {
78 if (cmd.equals("group_permissions")) {
79 updateGroupPermissions(actionRequest);
80 }
81 else if (cmd.equals("guest_permissions")) {
82 updateGuestPermissions(actionRequest);
83 }
84 else if (cmd.equals("organization_permissions")) {
85 updateOrganizationPermissions(actionRequest);
86 }
87 else if (cmd.equals("role_permissions")) {
88 updateRolePermissions(actionRequest);
89 }
90 else if (cmd.equals("user_group_permissions")) {
91 updateUserGroupPermissions(actionRequest);
92 }
93 else if (cmd.equals("user_permissions")) {
94 updateUserPermissions(actionRequest);
95 }
96
97 String redirect = ParamUtil.getString(
98 actionRequest, "permissionsRedirect");
99
100 sendRedirect(actionRequest, actionResponse, redirect);
101 }
102 catch (Exception e) {
103 if (e instanceof PrincipalException) {
104 SessionErrors.add(actionRequest, e.getClass().getName());
105
106 setForward(
107 actionRequest, "portlet.portlet_configuration.error");
108 }
109 else {
110 throw e;
111 }
112 }
113 }
114
115 public ActionForward render(
116 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
117 RenderRequest renderRequest, RenderResponse renderResponse)
118 throws Exception {
119
120 ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
121 WebKeys.THEME_DISPLAY);
122
123 long groupId = themeDisplay.getScopeGroupId();
124
125 String portletResource = ParamUtil.getString(
126 renderRequest, "portletResource");
127 String modelResource = ParamUtil.getString(
128 renderRequest, "modelResource");
129 String resourcePrimKey = ParamUtil.getString(
130 renderRequest, "resourcePrimKey");
131
132 String selResource = portletResource;
133
134 if (Validator.isNotNull(modelResource)) {
135 selResource = modelResource;
136 }
137
138 try {
139 PermissionServiceUtil.checkPermission(
140 groupId, selResource, resourcePrimKey);
141 }
142 catch (PrincipalException pe) {
143 SessionErrors.add(
144 renderRequest, PrincipalException.class.getName());
145
146 setForward(renderRequest, "portlet.portlet_configuration.error");
147 }
148
149 Portlet portlet = PortletLocalServiceUtil.getPortletById(
150 themeDisplay.getCompanyId(), portletResource);
151
152 if (portlet != null) {
153 renderResponse.setTitle(getTitle(portlet, renderRequest));
154 }
155
156 return mapping.findForward(getForward(
157 renderRequest, "portlet.portlet_configuration.edit_permissions"));
158 }
159
160 protected String[] getActionIds(ActionRequest actionRequest, long roleId) {
161 List<String> actionIds = new ArrayList<String>();
162
163 Enumeration<String> enu = actionRequest.getParameterNames();
164
165 while (enu.hasMoreElements()) {
166 String name = enu.nextElement();
167
168 if (name.startsWith(roleId + "_ACTION_")) {
169 int pos = name.indexOf("_ACTION_");
170
171 String actionId = name.substring(pos + 8);
172
173 actionIds.add(actionId);
174 }
175 }
176
177 return actionIds.toArray(new String[actionIds.size()]);
178 }
179
180 protected void updateGroupPermissions(ActionRequest actionRequest)
181 throws Exception {
182
183 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
184
185 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
186 long groupId = ParamUtil.getLong(actionRequest, "groupId");
187 String[] actionIds = StringUtil.split(
188 ParamUtil.getString(actionRequest, "groupIdActionIds"));
189
190 PermissionServiceUtil.setGroupPermissions(
191 groupId, actionIds, resourceId);
192
193 if (!layout.isPrivateLayout()) {
194 Resource resource =
195 ResourceLocalServiceUtil.getResource(resourceId);
196
197 if (resource.getPrimKey().startsWith(
198 layout.getPlid() + PortletConstants.LAYOUT_SEPARATOR)) {
199
200 CacheUtil.clearCache(layout.getCompanyId());
201 }
202 }
203 }
204
205 protected void updateGuestPermissions(ActionRequest actionRequest)
206 throws Exception {
207
208 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
209 WebKeys.THEME_DISPLAY);
210
211 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
212 String[] actionIds = StringUtil.split(
213 ParamUtil.getString(actionRequest, "guestActionIds"));
214
215 PermissionServiceUtil.setUserPermissions(
216 themeDisplay.getDefaultUserId(), themeDisplay.getScopeGroupId(),
217 actionIds, resourceId);
218 }
219
220 protected void updateOrganizationPermissions(ActionRequest actionRequest)
221 throws Exception {
222
223 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
224
225 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
226 long organizationId = ParamUtil.getLong(
227 actionRequest, "organizationIdsPosValue");
228 String[] actionIds = StringUtil.split(
229 ParamUtil.getString(actionRequest, "organizationIdActionIds"));
230
233 PermissionServiceUtil.setGroupPermissions(
235 Organization.class.getName(), String.valueOf(organizationId),
236 layout.getGroupId(), actionIds, resourceId);
237
242 }
243
244 protected void updateRolePermissions(ActionRequest actionRequest)
245 throws Exception {
246
247 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
248 updateRolePermissions_5(actionRequest);
249 }
250 else if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
251 updateRolePermissions_6(actionRequest);
252 }
253 else {
254 updateRolePermissions_1to4(actionRequest);
255 }
256 }
257
258 protected void updateRolePermissions_1to4(ActionRequest actionRequest)
259 throws Exception {
260
261 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
262 WebKeys.THEME_DISPLAY);
263
264 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
265 long roleId = ParamUtil.getLong(actionRequest, "roleIdsPosValue");
266 String[] actionIds = StringUtil.split(
267 ParamUtil.getString(actionRequest, "roleIdActionIds"));
268
269 PermissionServiceUtil.setRolePermissions(
270 roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
271 }
272
273 protected void updateRolePermissions_5(ActionRequest actionRequest)
274 throws Exception {
275
276 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
277 WebKeys.THEME_DISPLAY);
278
279 String modelResource = ParamUtil.getString(
280 actionRequest, "modelResource");
281 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
282 long resourcePrimKey = ParamUtil.getLong(
283 actionRequest, "resourcePrimKey");
284
285 Group group = themeDisplay.getScopeGroup();
286
287 if (modelResource.equals(Layout.class.getName())) {
288 Layout layout = LayoutLocalServiceUtil.getLayout(
289 resourcePrimKey);
290
291 group = layout.getGroup();
292 }
293
294 List<Role> roles = ResourceActionsUtil.getRoles(group, modelResource);
295
296 for (Role role : roles) {
297 String[] actionIds = getActionIds(actionRequest, role.getRoleId());
298
299 PermissionServiceUtil.setRolePermissions(
300 role.getRoleId(), themeDisplay.getScopeGroupId(), actionIds,
301 resourceId);
302 }
303 }
304
305 protected void updateRolePermissions_6(ActionRequest actionRequest)
306 throws Exception {
307
308 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
309 WebKeys.THEME_DISPLAY);
310
311 String portletResource = ParamUtil.getString(
312 actionRequest, "portletResource");
313 String modelResource = ParamUtil.getString(
314 actionRequest, "modelResource");
315
316 String selResource = portletResource;
317
318 if (Validator.isNotNull(modelResource)) {
319 selResource = modelResource;
320 }
321
322 String resourcePrimKey = ParamUtil.getString(
323 actionRequest, "resourcePrimKey");
324
325 Group group = themeDisplay.getScopeGroup();
326
327 if (modelResource.equals(Layout.class.getName())) {
328 long plid = GetterUtil.getLong(resourcePrimKey);
329
330 Layout layout = LayoutLocalServiceUtil.getLayout(plid);
331
332 group = layout.getGroup();
333 }
334
335 List<Role> roles = ResourceActionsUtil.getRoles(group, modelResource);
336
337 for (Role role : roles) {
338 String[] actionIds = getActionIds(actionRequest, role.getRoleId());
339
340 ResourcePermissionServiceUtil.setIndividualResourcePermissions(
341 themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(),
342 selResource, resourcePrimKey, role.getRoleId(), actionIds);
343 }
344 }
345
346 protected void updateUserGroupPermissions(ActionRequest actionRequest)
347 throws Exception {
348
349 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
350
351 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
352 long userGroupId = ParamUtil.getLong(
353 actionRequest, "userGroupIdsPosValue");
354 String[] actionIds = StringUtil.split(
355 ParamUtil.getString(actionRequest, "userGroupIdActionIds"));
356
357 PermissionServiceUtil.setGroupPermissions(
358 UserGroup.class.getName(), String.valueOf(userGroupId),
359 layout.getGroupId(), actionIds, resourceId);
360 }
361
362 protected void updateUserPermissions(ActionRequest actionRequest)
363 throws Exception {
364
365 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
366 WebKeys.THEME_DISPLAY);
367
368 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
369 long userId = ParamUtil.getLong(actionRequest, "userIdsPosValue");
370 String[] actionIds = StringUtil.split(
371 ParamUtil.getString(actionRequest, "userIdActionIds"));
372
373 PermissionServiceUtil.setUserPermissions(
374 userId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
375 }
376
377 }