1
22
23 package com.liferay.portlet.enterpriseadmin.action;
24
25 import com.liferay.portal.NoSuchRoleException;
26 import com.liferay.portal.kernel.util.Constants;
27 import com.liferay.portal.kernel.util.ParamUtil;
28 import com.liferay.portal.kernel.util.StringUtil;
29 import com.liferay.portal.kernel.util.Validator;
30 import com.liferay.portal.model.Role;
31 import com.liferay.portal.model.impl.GroupImpl;
32 import com.liferay.portal.model.impl.ResourceImpl;
33 import com.liferay.portal.model.impl.RoleImpl;
34 import com.liferay.portal.security.auth.PrincipalException;
35 import com.liferay.portal.security.permission.ResourceActionsUtil;
36 import com.liferay.portal.security.permission.comparator.ActionComparator;
37 import com.liferay.portal.service.PermissionServiceUtil;
38 import com.liferay.portal.service.RoleServiceUtil;
39 import com.liferay.portal.struts.PortletAction;
40 import com.liferay.portal.theme.ThemeDisplay;
41 import com.liferay.portal.util.WebKeys;
42 import com.liferay.util.servlet.SessionErrors;
43 import com.liferay.util.servlet.SessionMessages;
44
45 import java.util.ArrayList;
46 import java.util.Collections;
47 import java.util.List;
48
49 import javax.portlet.ActionRequest;
50 import javax.portlet.ActionResponse;
51 import javax.portlet.PortletConfig;
52 import javax.portlet.RenderRequest;
53 import javax.portlet.RenderResponse;
54
55 import org.apache.struts.action.ActionForm;
56 import org.apache.struts.action.ActionForward;
57 import org.apache.struts.action.ActionMapping;
58
59
65 public class EditRolePermissionsAction extends PortletAction {
66
67 public void processAction(
68 ActionMapping mapping, ActionForm form, PortletConfig config,
69 ActionRequest req, ActionResponse res)
70 throws Exception {
71
72 String cmd = ParamUtil.getString(req, Constants.CMD);
73
74 try {
75 if (cmd.equals("actions")) {
76 updateActions(req, res);
77 }
78 else if (cmd.equals("delete_permission")) {
79 deletePermission(req, res);
80 }
81 else if (cmd.equals("group_permissions")) {
82 updateGroupPermissions(req, res);
83 }
84 }
85 catch (Exception e) {
86 if (e instanceof NoSuchRoleException ||
87 e instanceof PrincipalException) {
88
89 SessionErrors.add(req, e.getClass().getName());
90
91 setForward(req, "portlet.enterprise_admin.error");
92 }
93 else {
94 throw e;
95 }
96 }
97 }
98
99 public ActionForward render(
100 ActionMapping mapping, ActionForm form, PortletConfig config,
101 RenderRequest req, RenderResponse res)
102 throws Exception {
103
104 try {
105 ActionUtil.getRole(req);
106 }
107 catch (Exception e) {
108 if (e instanceof NoSuchRoleException ||
109 e instanceof PrincipalException) {
110
111 SessionErrors.add(req, e.getClass().getName());
112
113 return mapping.findForward("portlet.enterprise_admin.error");
114 }
115 else {
116 throw e;
117 }
118 }
119
120 return mapping.findForward(
121 getForward(req, "portlet.enterprise_admin.edit_role_permissions"));
122 }
123
124 protected void deletePermission(ActionRequest req, ActionResponse res)
125 throws Exception {
126
127 ThemeDisplay themeDisplay =
128 (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
129
130 long roleId = ParamUtil.getLong(req, "roleId");
131 long permissionId = ParamUtil.getLong(req, "permissionId");
132
133 PermissionServiceUtil.unsetRolePermission(
134 roleId, themeDisplay.getPortletGroupId(), permissionId);
135
136
138 SessionMessages.add(req, "permissionDeleted");
139
140 String redirect = ParamUtil.getString(req, "redirect");
141
142 res.sendRedirect(redirect);
143 }
144
145 protected void updateActions(ActionRequest req, ActionResponse res)
146 throws Exception {
147
148 ThemeDisplay themeDisplay =
149 (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
150
151 long roleId = ParamUtil.getLong(req, "roleId");
152
153 String portletResource = ParamUtil.getString(req, "portletResource");
154 String modelResource = ParamUtil.getString(req, "modelResource");
155
156 String selResource = modelResource;
157
158 if (Validator.isNull(modelResource)) {
159 selResource = portletResource;
160 }
161
162 List groupScopeActionIds = new ArrayList();
163
164 List actions = ResourceActionsUtil.getResourceActions(
165 themeDisplay.getCompanyId(), portletResource, modelResource);
166
167 Collections.sort(
168 actions,
169 new ActionComparator(
170 themeDisplay.getCompanyId(), themeDisplay.getLocale()));
171
172 Role role = RoleServiceUtil.getRole(roleId);
173
174 for (int i = 0; i < actions.size(); i++) {
175 String actionId = (String)actions.get(i);
176
177 int scope = ParamUtil.getInteger(req, "scope" + actionId);
178
179 if (scope == ResourceImpl.SCOPE_COMPANY) {
180 PermissionServiceUtil.setRolePermission(
181 roleId, themeDisplay.getPortletGroupId(), selResource,
182 scope, String.valueOf(themeDisplay.getCompanyId()),
183 actionId);
184 }
185 else if (scope == ResourceImpl.SCOPE_GROUP) {
186 if (role.getType() == RoleImpl.TYPE_COMMUNITY) {
187 PermissionServiceUtil.setRolePermission(
188 roleId, themeDisplay.getPortletGroupId(), selResource,
189 ResourceImpl.SCOPE_GROUP_TEMPLATE,
190 String.valueOf(GroupImpl.DEFAULT_PARENT_GROUP_ID),
191 actionId);
192 }
193 else {
194 groupScopeActionIds.add(actionId);
195 }
196 }
197 else {
198
199
201 PermissionServiceUtil.unsetRolePermissions(
202 roleId, themeDisplay.getPortletGroupId(), selResource,
203 ResourceImpl.SCOPE_COMPANY, actionId);
204
205 PermissionServiceUtil.unsetRolePermissions(
206 roleId, themeDisplay.getPortletGroupId(), selResource,
207 ResourceImpl.SCOPE_GROUP_TEMPLATE, actionId);
208
209 PermissionServiceUtil.unsetRolePermissions(
210 roleId, themeDisplay.getPortletGroupId(), selResource,
211 ResourceImpl.SCOPE_GROUP, actionId);
212 }
213 }
214
215
217 String redirect = ParamUtil.getString(req, "redirect");
218
219 if (groupScopeActionIds.size() == 0) {
220 SessionMessages.add(req, "permissionsUpdated");
221
222 redirect += "&" + Constants.CMD + "=" + Constants.VIEW;
223 }
224 else {
225 redirect +=
226 "&groupScopePos=0&groupScopeActionIds=" +
227 StringUtil.merge(groupScopeActionIds);
228 }
229
230 res.sendRedirect(redirect);
231 }
232
233 protected void updateGroupPermissions(ActionRequest req, ActionResponse res)
234 throws Exception {
235
236 ThemeDisplay themeDisplay =
237 (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
238
239 long roleId = ParamUtil.getLong(req, "roleId");
240
241 String portletResource = ParamUtil.getString(req, "portletResource");
242 String modelResource = ParamUtil.getString(req, "modelResource");
243
244 String selResource = modelResource;
245 if (Validator.isNull(modelResource)) {
246 selResource = portletResource;
247 }
248
249 int groupScopePos = ParamUtil.getInteger(req, "groupScopePos");
250 String[] groupScopeActionIds = StringUtil.split(
251 ParamUtil.getString(req, "groupScopeActionIds"));
252
253 String actionId = groupScopeActionIds[groupScopePos];
254
255 String[] addGroupIds = StringUtil.split(
256 ParamUtil.getString(req, "addGroupIds"));
257 String[] removeGroupIds = StringUtil.split(
258 ParamUtil.getString(req, "removeGroupIds"));
259
260 for (int i = 0; i < addGroupIds.length; i++) {
261 PermissionServiceUtil.setRolePermission(
262 roleId, themeDisplay.getPortletGroupId(), selResource,
263 ResourceImpl.SCOPE_GROUP, addGroupIds[i], actionId);
264 }
265
266 for (int i = 0; i < removeGroupIds.length; i++) {
267 PermissionServiceUtil.unsetRolePermission(
268 roleId, themeDisplay.getPortletGroupId(), selResource,
269 ResourceImpl.SCOPE_GROUP, removeGroupIds[i], actionId);
270 }
271
272 String redirect = ParamUtil.getString(req, "redirect");
273
274 if (redirect.indexOf("groupScopePos=" + groupScopePos + "&") != -1) {
275
276
278 SessionMessages.add(req, "request_processed");
279 }
280 else if ((groupScopePos + 1) == groupScopeActionIds.length) {
281 SessionMessages.add(req, "permissionsUpdated");
282 }
283
284 res.sendRedirect(redirect);
285 }
286
287 }