1   /**
2    * Copyright (c) 2000-2007 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portlet.enterpriseadmin.action;
24  
25  import com.liferay.portal.NoSuchRoleException;
26  import com.liferay.portal.kernel.util.Constants;
27  import com.liferay.portal.kernel.util.ParamUtil;
28  import com.liferay.portal.kernel.util.StringUtil;
29  import com.liferay.portal.kernel.util.Validator;
30  import com.liferay.portal.model.Role;
31  import com.liferay.portal.model.impl.GroupImpl;
32  import com.liferay.portal.model.impl.ResourceImpl;
33  import com.liferay.portal.model.impl.RoleImpl;
34  import com.liferay.portal.security.auth.PrincipalException;
35  import com.liferay.portal.security.permission.ResourceActionsUtil;
36  import com.liferay.portal.security.permission.comparator.ActionComparator;
37  import com.liferay.portal.service.PermissionServiceUtil;
38  import com.liferay.portal.service.RoleServiceUtil;
39  import com.liferay.portal.struts.PortletAction;
40  import com.liferay.portal.theme.ThemeDisplay;
41  import com.liferay.portal.util.WebKeys;
42  import com.liferay.util.servlet.SessionErrors;
43  import com.liferay.util.servlet.SessionMessages;
44  
45  import java.util.ArrayList;
46  import java.util.Collections;
47  import java.util.List;
48  
49  import javax.portlet.ActionRequest;
50  import javax.portlet.ActionResponse;
51  import javax.portlet.PortletConfig;
52  import javax.portlet.RenderRequest;
53  import javax.portlet.RenderResponse;
54  
55  import org.apache.struts.action.ActionForm;
56  import org.apache.struts.action.ActionForward;
57  import org.apache.struts.action.ActionMapping;
58  
59  /**
60   * <a href="EditRolePermissionsAction.java.html"><b><i>View Source</i></b></a>
61   *
62   * @author Brian Wing Shun Chan
63   *
64   */
65  public class EditRolePermissionsAction extends PortletAction {
66  
67      public void processAction(
68              ActionMapping mapping, ActionForm form, PortletConfig config,
69              ActionRequest req, ActionResponse res)
70          throws Exception {
71  
72          String cmd = ParamUtil.getString(req, Constants.CMD);
73  
74          try {
75              if (cmd.equals("actions")) {
76                  updateActions(req, res);
77              }
78              else if (cmd.equals("delete_permission")) {
79                  deletePermission(req, res);
80              }
81              else if (cmd.equals("group_permissions")) {
82                  updateGroupPermissions(req, res);
83              }
84          }
85          catch (Exception e) {
86              if (e instanceof NoSuchRoleException ||
87                  e instanceof PrincipalException) {
88  
89                  SessionErrors.add(req, e.getClass().getName());
90  
91                  setForward(req, "portlet.enterprise_admin.error");
92              }
93              else {
94                  throw e;
95              }
96          }
97      }
98  
99      public ActionForward render(
100             ActionMapping mapping, ActionForm form, PortletConfig config,
101             RenderRequest req, RenderResponse res)
102         throws Exception {
103 
104         try {
105             ActionUtil.getRole(req);
106         }
107         catch (Exception e) {
108             if (e instanceof NoSuchRoleException ||
109                 e instanceof PrincipalException) {
110 
111                 SessionErrors.add(req, e.getClass().getName());
112 
113                 return mapping.findForward("portlet.enterprise_admin.error");
114             }
115             else {
116                 throw e;
117             }
118         }
119 
120         return mapping.findForward(
121             getForward(req, "portlet.enterprise_admin.edit_role_permissions"));
122     }
123 
124     protected void deletePermission(ActionRequest req, ActionResponse res)
125         throws Exception {
126 
127         ThemeDisplay themeDisplay =
128             (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
129 
130         long roleId = ParamUtil.getLong(req, "roleId");
131         long permissionId = ParamUtil.getLong(req, "permissionId");
132 
133         PermissionServiceUtil.unsetRolePermission(
134             roleId, themeDisplay.getPortletGroupId(), permissionId);
135 
136         // Send redirect
137 
138         SessionMessages.add(req, "permissionDeleted");
139 
140         String redirect = ParamUtil.getString(req, "redirect");
141 
142         res.sendRedirect(redirect);
143     }
144 
145     protected void updateActions(ActionRequest req, ActionResponse res)
146         throws Exception {
147 
148         ThemeDisplay themeDisplay =
149             (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
150 
151         long roleId = ParamUtil.getLong(req, "roleId");
152 
153         String portletResource = ParamUtil.getString(req, "portletResource");
154         String modelResource = ParamUtil.getString(req, "modelResource");
155 
156         String selResource = modelResource;
157 
158         if (Validator.isNull(modelResource)) {
159             selResource = portletResource;
160         }
161 
162         List groupScopeActionIds = new ArrayList();
163 
164         List actions = ResourceActionsUtil.getResourceActions(
165             themeDisplay.getCompanyId(), portletResource, modelResource);
166 
167         Collections.sort(
168             actions,
169             new ActionComparator(
170                 themeDisplay.getCompanyId(), themeDisplay.getLocale()));
171 
172         Role role = RoleServiceUtil.getRole(roleId);
173 
174         for (int i = 0; i < actions.size(); i++) {
175             String actionId = (String)actions.get(i);
176 
177             int scope = ParamUtil.getInteger(req, "scope" + actionId);
178 
179             if (scope == ResourceImpl.SCOPE_COMPANY) {
180                 PermissionServiceUtil.setRolePermission(
181                     roleId, themeDisplay.getPortletGroupId(), selResource,
182                     scope, String.valueOf(themeDisplay.getCompanyId()),
183                     actionId);
184             }
185             else if (scope == ResourceImpl.SCOPE_GROUP) {
186                 if (role.getType() == RoleImpl.TYPE_COMMUNITY) {
187                     PermissionServiceUtil.setRolePermission(
188                         roleId, themeDisplay.getPortletGroupId(), selResource,
189                         ResourceImpl.SCOPE_GROUP_TEMPLATE,
190                         String.valueOf(GroupImpl.DEFAULT_PARENT_GROUP_ID),
191                         actionId);
192                 }
193                 else {
194                     groupScopeActionIds.add(actionId);
195                 }
196             }
197             else {
198 
199                 // Remove company, group template, and group permissions
200 
201                 PermissionServiceUtil.unsetRolePermissions(
202                     roleId, themeDisplay.getPortletGroupId(), selResource,
203                     ResourceImpl.SCOPE_COMPANY, actionId);
204 
205                 PermissionServiceUtil.unsetRolePermissions(
206                     roleId, themeDisplay.getPortletGroupId(), selResource,
207                     ResourceImpl.SCOPE_GROUP_TEMPLATE, actionId);
208 
209                 PermissionServiceUtil.unsetRolePermissions(
210                     roleId, themeDisplay.getPortletGroupId(), selResource,
211                     ResourceImpl.SCOPE_GROUP, actionId);
212             }
213         }
214 
215         // Send redirect
216 
217         String redirect = ParamUtil.getString(req, "redirect");
218 
219         if (groupScopeActionIds.size() == 0) {
220             SessionMessages.add(req, "permissionsUpdated");
221 
222             redirect += "&" + Constants.CMD + "=" + Constants.VIEW;
223         }
224         else {
225             redirect +=
226                 "&groupScopePos=0&groupScopeActionIds=" +
227                     StringUtil.merge(groupScopeActionIds);
228         }
229 
230         res.sendRedirect(redirect);
231     }
232 
233     protected void updateGroupPermissions(ActionRequest req, ActionResponse res)
234         throws Exception {
235 
236         ThemeDisplay themeDisplay =
237             (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
238 
239         long roleId = ParamUtil.getLong(req, "roleId");
240 
241         String portletResource = ParamUtil.getString(req, "portletResource");
242         String modelResource = ParamUtil.getString(req, "modelResource");
243 
244         String selResource = modelResource;
245         if (Validator.isNull(modelResource)) {
246             selResource = portletResource;
247         }
248 
249         int groupScopePos = ParamUtil.getInteger(req, "groupScopePos");
250         String[] groupScopeActionIds = StringUtil.split(
251             ParamUtil.getString(req, "groupScopeActionIds"));
252 
253         String actionId = groupScopeActionIds[groupScopePos];
254 
255         String[] addGroupIds = StringUtil.split(
256             ParamUtil.getString(req, "addGroupIds"));
257         String[] removeGroupIds = StringUtil.split(
258             ParamUtil.getString(req, "removeGroupIds"));
259 
260         for (int i = 0; i < addGroupIds.length; i++) {
261             PermissionServiceUtil.setRolePermission(
262                 roleId, themeDisplay.getPortletGroupId(), selResource,
263                 ResourceImpl.SCOPE_GROUP, addGroupIds[i], actionId);
264         }
265 
266         for (int i = 0; i < removeGroupIds.length; i++) {
267             PermissionServiceUtil.unsetRolePermission(
268                 roleId, themeDisplay.getPortletGroupId(), selResource,
269                 ResourceImpl.SCOPE_GROUP, removeGroupIds[i], actionId);
270         }
271 
272         String redirect = ParamUtil.getString(req, "redirect");
273 
274         if (redirect.indexOf("groupScopePos=" + groupScopePos + "&") != -1) {
275 
276             // Show message only if the user stayed on the same page
277 
278             SessionMessages.add(req, "request_processed");
279         }
280         else if ((groupScopePos + 1) == groupScopeActionIds.length) {
281             SessionMessages.add(req, "permissionsUpdated");
282         }
283 
284         res.sendRedirect(redirect);
285     }
286 
287 }