1
14
15 package com.liferay.portal.service.permission;
16
17 import com.liferay.portal.PortalException;
18 import com.liferay.portal.SystemException;
19 import com.liferay.portal.kernel.log.Log;
20 import com.liferay.portal.kernel.log.LogFactoryUtil;
21 import com.liferay.portal.model.Group;
22 import com.liferay.portal.model.Layout;
23 import com.liferay.portal.model.Portlet;
24 import com.liferay.portal.model.PortletConstants;
25 import com.liferay.portal.security.auth.PrincipalException;
26 import com.liferay.portal.security.permission.ActionKeys;
27 import com.liferay.portal.security.permission.PermissionChecker;
28 import com.liferay.portal.security.permission.ResourceActionsUtil;
29 import com.liferay.portal.service.GroupLocalServiceUtil;
30 import com.liferay.portal.service.LayoutLocalServiceUtil;
31 import com.liferay.portal.util.PropsValues;
32
33 import java.util.List;
34
35
40 public class PortletPermissionImpl implements PortletPermission {
41
42 public static final boolean DEFAULT_STRICT = false;
43
44 public void check(
45 PermissionChecker permissionChecker, long groupId, long plid,
46 String portletId, String actionId)
47 throws PortalException, SystemException {
48
49 check(
50 permissionChecker, groupId, plid, portletId, actionId,
51 DEFAULT_STRICT);
52 }
53
54 public void check(
55 PermissionChecker permissionChecker, long groupId, long plid,
56 String portletId, String actionId, boolean strict)
57 throws PortalException, SystemException {
58
59 if (!contains(
60 permissionChecker, groupId, plid, portletId, actionId,
61 strict)) {
62
63 throw new PrincipalException();
64 }
65 }
66
67 public void check(
68 PermissionChecker permissionChecker, long plid, String portletId,
69 String actionId)
70 throws PortalException, SystemException {
71
72 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
73 }
74
75 public void check(
76 PermissionChecker permissionChecker, long plid, String portletId,
77 String actionId, boolean strict)
78 throws PortalException, SystemException {
79
80 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
81 throw new PrincipalException();
82 }
83 }
84
85 public void check(
86 PermissionChecker permissionChecker, String portletId,
87 String actionId)
88 throws PortalException, SystemException {
89
90 if (!contains(permissionChecker, portletId, actionId)) {
91 throw new PrincipalException();
92 }
93 }
94
95 public boolean contains(
96 PermissionChecker permissionChecker, long groupId, long plid,
97 Portlet portlet, String actionId)
98 throws PortalException, SystemException {
99
100 return contains(
101 permissionChecker, groupId, plid, portlet, actionId,
102 DEFAULT_STRICT);
103 }
104
105 public boolean contains(
106 PermissionChecker permissionChecker, long groupId, long plid,
107 Portlet portlet, String actionId, boolean strict)
108 throws PortalException, SystemException {
109
110 if (portlet.isUndeployedPortlet()) {
111 return false;
112 }
113
114 boolean value = contains(
115 permissionChecker, groupId, plid, portlet.getPortletId(), actionId,
116 strict);
117
118 if (value) {
119 return true;
120 }
121 else {
122 if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
123 return true;
124 }
125 else {
126 return false;
127 }
128 }
129 }
130
131 public boolean contains(
132 PermissionChecker permissionChecker, long groupId, long plid,
133 String portletId, String actionId)
134 throws PortalException, SystemException {
135
136 return contains(
137 permissionChecker, groupId, plid, portletId, actionId,
138 DEFAULT_STRICT);
139 }
140
141 public boolean contains(
142 PermissionChecker permissionChecker, long groupId, long plid,
143 String portletId, String actionId, boolean strict)
144 throws PortalException, SystemException {
145
146 String name = null;
147 String primKey = null;
148
149 if (plid > 0) {
150 Layout layout = LayoutLocalServiceUtil.getLayout(plid);
151
152 groupId = layout.getGroupId();
153 name = PortletConstants.getRootPortletId(portletId);
154 primKey = getPrimaryKey(plid, portletId);
155
156 if ((layout.isPrivateLayout() &&
157 !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
158 (layout.isPublicLayout() &&
159 !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
160
161 if (actionId.equals(ActionKeys.CONFIGURATION)) {
162 Group group = GroupLocalServiceUtil.getGroup(
163 layout.getGroupId());
164
165 if (group.isUser()) {
166 return false;
167 }
168 }
169 }
170
171 if (actionId.equals(ActionKeys.VIEW)) {
172 Group group = GroupLocalServiceUtil.getGroup(
173 layout.getGroupId());
174
175 if (group.isControlPanel()) {
176 return true;
177 }
178 }
179
180 if (!strict) {
181 if (LayoutPermissionUtil.contains(
182 permissionChecker, groupId, layout.isPrivateLayout(),
183 layout.getLayoutId(), ActionKeys.UPDATE) &&
184 hasLayoutManagerPermission(portletId, actionId)) {
185
186 return true;
187 }
188 }
189 }
190 else {
191 name = portletId;
192 primKey = portletId;
193 }
194
195 return permissionChecker.hasPermission(
196 groupId, name, primKey, actionId);
197 }
198
199 public boolean contains(
200 PermissionChecker permissionChecker, long plid, Portlet portlet,
201 String actionId)
202 throws PortalException, SystemException {
203
204 return contains(
205 permissionChecker, plid, portlet, actionId, DEFAULT_STRICT);
206 }
207
208 public boolean contains(
209 PermissionChecker permissionChecker, long plid, Portlet portlet,
210 String actionId, boolean strict)
211 throws PortalException, SystemException {
212
213 return contains(
214 permissionChecker, 0, plid, portlet, actionId, strict);
215 }
216
217 public boolean contains(
218 PermissionChecker permissionChecker, long plid, String portletId,
219 String actionId)
220 throws PortalException, SystemException {
221
222 return contains(
223 permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
224 }
225
226 public boolean contains(
227 PermissionChecker permissionChecker, long plid, String portletId,
228 String actionId, boolean strict)
229 throws PortalException, SystemException {
230
231 return contains(
232 permissionChecker, 0, plid, portletId, actionId, strict);
233 }
234
235 public boolean contains(
236 PermissionChecker permissionChecker, String portletId,
237 String actionId)
238 throws PortalException, SystemException {
239
240 return contains(permissionChecker, 0, portletId, actionId);
241 }
242
243 public String getPrimaryKey(long plid, String portletId) {
244 return String.valueOf(plid).concat(
245 PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
246 }
247
248 public boolean hasLayoutManagerPermission(
249 String portletId, String actionId) {
250
251 try {
252 return hasLayoutManagerPermissionImpl(portletId, actionId);
253 }
254 catch (Exception e) {
255 _log.error(e, e);
256
257 return false;
258 }
259 }
260
261 protected boolean hasLayoutManagerPermissionImpl(
262 String portletId, String actionId) {
263
264 portletId = PortletConstants.getRootPortletId(portletId);
265
266 List<String> layoutManagerActions =
267 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
268 portletId);
269
270 return layoutManagerActions.contains(actionId);
271 }
272
273 private static Log _log = LogFactoryUtil.getLog(
274 PortletPermissionImpl.class);
275
276 }