1
14
15 package com.liferay.portlet.portletconfiguration.action;
16
17 import com.liferay.portal.kernel.servlet.SessionErrors;
18 import com.liferay.portal.kernel.util.Constants;
19 import com.liferay.portal.kernel.util.ParamUtil;
20 import com.liferay.portal.kernel.util.StringUtil;
21 import com.liferay.portal.kernel.util.Validator;
22 import com.liferay.portal.model.Layout;
23 import com.liferay.portal.model.Organization;
24 import com.liferay.portal.model.Portlet;
25 import com.liferay.portal.model.PortletConstants;
26 import com.liferay.portal.model.Resource;
27 import com.liferay.portal.model.UserGroup;
28 import com.liferay.portal.security.auth.PrincipalException;
29 import com.liferay.portal.service.PermissionServiceUtil;
30 import com.liferay.portal.service.PortletLocalServiceUtil;
31 import com.liferay.portal.service.ResourceLocalServiceUtil;
32 import com.liferay.portal.service.ResourcePermissionServiceUtil;
33 import com.liferay.portal.servlet.filters.cache.CacheUtil;
34 import com.liferay.portal.theme.ThemeDisplay;
35 import com.liferay.portal.util.PropsValues;
36 import com.liferay.portal.util.WebKeys;
37
38 import java.util.ArrayList;
39 import java.util.Enumeration;
40 import java.util.List;
41
42 import javax.portlet.ActionRequest;
43 import javax.portlet.ActionResponse;
44 import javax.portlet.PortletConfig;
45 import javax.portlet.RenderRequest;
46 import javax.portlet.RenderResponse;
47
48 import org.apache.struts.action.ActionForm;
49 import org.apache.struts.action.ActionForward;
50 import org.apache.struts.action.ActionMapping;
51
52
57 public class EditPermissionsAction extends EditConfigurationAction {
58
59 public void processAction(
60 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
61 ActionRequest actionRequest, ActionResponse actionResponse)
62 throws Exception {
63
64 String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
65
66 try {
67 if (cmd.equals("group_permissions")) {
68 updateGroupPermissions(actionRequest);
69 }
70 else if (cmd.equals("guest_permissions")) {
71 updateGuestPermissions(actionRequest);
72 }
73 else if (cmd.equals("organization_permissions")) {
74 updateOrganizationPermissions(actionRequest);
75 }
76 else if (cmd.equals("role_permissions")) {
77 updateRolePermissions(actionRequest);
78 }
79 else if (cmd.equals("user_group_permissions")) {
80 updateUserGroupPermissions(actionRequest);
81 }
82 else if (cmd.equals("user_permissions")) {
83 updateUserPermissions(actionRequest);
84 }
85
86 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 5) {
87 String redirect = ParamUtil.getString(
88 actionRequest, "permissionsRedirect");
89
90 sendRedirect(actionRequest, actionResponse, redirect);
91 }
92 else {
93 addSuccessMessage(actionRequest, actionResponse);
94 }
95 }
96 catch (Exception e) {
97 if (e instanceof PrincipalException) {
98 SessionErrors.add(actionRequest, e.getClass().getName());
99
100 setForward(
101 actionRequest, "portlet.portlet_configuration.error");
102 }
103 else {
104 throw e;
105 }
106 }
107 }
108
109 public ActionForward render(
110 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
111 RenderRequest renderRequest, RenderResponse renderResponse)
112 throws Exception {
113
114 ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
115 WebKeys.THEME_DISPLAY);
116
117 long groupId = themeDisplay.getScopeGroupId();
118
119 String portletResource = ParamUtil.getString(
120 renderRequest, "portletResource");
121 String modelResource = ParamUtil.getString(
122 renderRequest, "modelResource");
123 String resourcePrimKey = ParamUtil.getString(
124 renderRequest, "resourcePrimKey");
125
126 String selResource = portletResource;
127
128 if (Validator.isNotNull(modelResource)) {
129 selResource = modelResource;
130 }
131
132 try {
133 PermissionServiceUtil.checkPermission(
134 groupId, selResource, resourcePrimKey);
135 }
136 catch (PrincipalException pe) {
137 SessionErrors.add(
138 renderRequest, PrincipalException.class.getName());
139
140 setForward(renderRequest, "portlet.portlet_configuration.error");
141 }
142
143 Portlet portlet = PortletLocalServiceUtil.getPortletById(
144 themeDisplay.getCompanyId(), portletResource);
145
146 if (portlet != null) {
147 renderResponse.setTitle(getTitle(portlet, renderRequest));
148 }
149
150 return mapping.findForward(getForward(
151 renderRequest, "portlet.portlet_configuration.edit_permissions"));
152 }
153
154 protected String[] getActionIds(ActionRequest actionRequest, long roleId) {
155 List<String> actionIds = new ArrayList<String>();
156
157 Enumeration<String> enu = actionRequest.getParameterNames();
158
159 while (enu.hasMoreElements()) {
160 String name = enu.nextElement();
161
162 if (name.startsWith(roleId + "_ACTION_")) {
163 int pos = name.indexOf("_ACTION_");
164
165 String actionId = name.substring(pos + 8);
166
167 actionIds.add(actionId);
168 }
169 }
170
171 return actionIds.toArray(new String[actionIds.size()]);
172 }
173
174 protected void updateGroupPermissions(ActionRequest actionRequest)
175 throws Exception {
176
177 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
178
179 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
180 long groupId = ParamUtil.getLong(actionRequest, "groupId");
181 String[] actionIds = StringUtil.split(
182 ParamUtil.getString(actionRequest, "groupIdActionIds"));
183
184 PermissionServiceUtil.setGroupPermissions(
185 groupId, actionIds, resourceId);
186
187 if (!layout.isPrivateLayout()) {
188 Resource resource =
189 ResourceLocalServiceUtil.getResource(resourceId);
190
191 if (resource.getPrimKey().startsWith(
192 layout.getPlid() + PortletConstants.LAYOUT_SEPARATOR)) {
193
194 CacheUtil.clearCache(layout.getCompanyId());
195 }
196 }
197 }
198
199 protected void updateGuestPermissions(ActionRequest actionRequest)
200 throws Exception {
201
202 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
203 WebKeys.THEME_DISPLAY);
204
205 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
206 String[] actionIds = StringUtil.split(
207 ParamUtil.getString(actionRequest, "guestActionIds"));
208
209 PermissionServiceUtil.setUserPermissions(
210 themeDisplay.getDefaultUserId(), themeDisplay.getScopeGroupId(),
211 actionIds, resourceId);
212 }
213
214 protected void updateOrganizationPermissions(ActionRequest actionRequest)
215 throws Exception {
216
217 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
218 WebKeys.THEME_DISPLAY);
219
220 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
221 long organizationId = ParamUtil.getLong(
222 actionRequest, "organizationIdsPosValue");
223 String[] actionIds = StringUtil.split(
224 ParamUtil.getString(actionRequest, "organizationIdActionIds"));
225
228 PermissionServiceUtil.setGroupPermissions(
230 Organization.class.getName(), String.valueOf(organizationId),
231 themeDisplay.getScopeGroupId(), actionIds, resourceId);
232
237 }
238
239 protected void updateRolePermissions(ActionRequest actionRequest)
240 throws Exception {
241
242 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
243 updateRolePermissions_5(actionRequest);
244 }
245 else if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
246 updateRolePermissions_6(actionRequest);
247 }
248 else {
249 updateRolePermissions_1to4(actionRequest);
250 }
251 }
252
253 protected void updateRolePermissions_1to4(ActionRequest actionRequest)
254 throws Exception {
255
256 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
257 WebKeys.THEME_DISPLAY);
258
259 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
260 long roleId = ParamUtil.getLong(actionRequest, "roleIdsPosValue");
261 String[] actionIds = StringUtil.split(
262 ParamUtil.getString(actionRequest, "roleIdActionIds"));
263
264 PermissionServiceUtil.setRolePermissions(
265 roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
266 }
267
268 protected void updateRolePermissions_5(ActionRequest actionRequest)
269 throws Exception {
270
271 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
272 WebKeys.THEME_DISPLAY);
273
274 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
275 long[] roleIds = StringUtil.split(
276 ParamUtil.getString(
277 actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
278
279 for (long roleId : roleIds) {
280 String[] actionIds = getActionIds(actionRequest, roleId);
281
282 PermissionServiceUtil.setRolePermissions(
283 roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
284 }
285 }
286
287 protected void updateRolePermissions_6(ActionRequest actionRequest)
288 throws Exception {
289
290 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
291 WebKeys.THEME_DISPLAY);
292
293 String portletResource = ParamUtil.getString(
294 actionRequest, "portletResource");
295 String modelResource = ParamUtil.getString(
296 actionRequest, "modelResource");
297 long[] roleIds = StringUtil.split(
298 ParamUtil.getString(
299 actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
300
301 String selResource = PortletConstants.getRootPortletId(portletResource);
302
303 if (Validator.isNotNull(modelResource)) {
304 selResource = modelResource;
305 }
306
307 String resourcePrimKey = ParamUtil.getString(
308 actionRequest, "resourcePrimKey");
309
310 for (long roleId : roleIds) {
311 String[] actionIds = getActionIds(actionRequest, roleId);
312
313 ResourcePermissionServiceUtil.setIndividualResourcePermissions(
314 themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(),
315 selResource, resourcePrimKey, roleId, actionIds);
316 }
317 }
318
319 protected void updateUserGroupPermissions(ActionRequest actionRequest)
320 throws Exception {
321
322 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
323 WebKeys.THEME_DISPLAY);
324
325 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
326 long userGroupId = ParamUtil.getLong(
327 actionRequest, "userGroupIdsPosValue");
328 String[] actionIds = StringUtil.split(
329 ParamUtil.getString(actionRequest, "userGroupIdActionIds"));
330
331 PermissionServiceUtil.setGroupPermissions(
332 UserGroup.class.getName(), String.valueOf(userGroupId),
333 themeDisplay.getScopeGroupId(), actionIds, resourceId);
334 }
335
336 protected void updateUserPermissions(ActionRequest actionRequest)
337 throws Exception {
338
339 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
340 WebKeys.THEME_DISPLAY);
341
342 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
343 long userId = ParamUtil.getLong(actionRequest, "userIdsPosValue");
344 String[] actionIds = StringUtil.split(
345 ParamUtil.getString(actionRequest, "userIdActionIds"));
346
347 PermissionServiceUtil.setUserPermissions(
348 userId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
349 }
350
351 }