1   /**
2    * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portlet.portletconfiguration.action;
24  
25  import com.liferay.portal.kernel.util.Constants;
26  import com.liferay.portal.kernel.util.ParamUtil;
27  import com.liferay.portal.kernel.util.StringUtil;
28  import com.liferay.portal.kernel.util.Validator;
29  import com.liferay.portal.model.Layout;
30  import com.liferay.portal.model.Organization;
31  import com.liferay.portal.model.Portlet;
32  import com.liferay.portal.model.Resource;
33  import com.liferay.portal.model.UserGroup;
34  import com.liferay.portal.model.impl.PortletImpl;
35  import com.liferay.portal.security.auth.PrincipalException;
36  import com.liferay.portal.service.PermissionServiceUtil;
37  import com.liferay.portal.service.PortletLocalServiceUtil;
38  import com.liferay.portal.service.ResourceLocalServiceUtil;
39  import com.liferay.portal.servlet.filters.layoutcache.LayoutCacheUtil;
40  import com.liferay.portal.theme.ThemeDisplay;
41  import com.liferay.portal.util.WebKeys;
42  import com.liferay.util.servlet.SessionErrors;
43  
44  import javax.portlet.ActionRequest;
45  import javax.portlet.ActionResponse;
46  import javax.portlet.PortletConfig;
47  import javax.portlet.RenderRequest;
48  import javax.portlet.RenderResponse;
49  
50  import org.apache.struts.action.ActionForm;
51  import org.apache.struts.action.ActionForward;
52  import org.apache.struts.action.ActionMapping;
53  
54  /**
55   * <a href="EditPermissionsAction.java.html"><b><i>View Source</i></b></a>
56   *
57   * @author Brian Wing Shun Chan
58   *
59   */
60  public class EditPermissionsAction extends EditConfigurationAction {
61  
62      public void processAction(
63              ActionMapping mapping, ActionForm form, PortletConfig config,
64              ActionRequest req, ActionResponse res)
65          throws Exception {
66  
67          String cmd = ParamUtil.getString(req, Constants.CMD);
68  
69          try {
70              if (cmd.equals("group_permissions")) {
71                  updateGroupPermissions(req);
72              }
73              else if (cmd.equals("guest_permissions")) {
74                  updateGuestPermissions(req);
75              }
76              else if (cmd.equals("organization_permissions")) {
77                  updateOrganizationPermissions(req);
78              }
79              else if (cmd.equals("role_permissions")) {
80                  updateRolePermissions(req);
81              }
82              else if (cmd.equals("user_group_permissions")) {
83                  updateUserGroupPermissions(req);
84              }
85              else if (cmd.equals("user_permissions")) {
86                  updateUserPermissions(req);
87              }
88  
89              String redirect = ParamUtil.getString(req, "permissionsRedirect");
90  
91              sendRedirect(req, res, redirect);
92          }
93          catch (Exception e) {
94              if (e instanceof PrincipalException) {
95                  SessionErrors.add(req, e.getClass().getName());
96  
97                  setForward(req, "portlet.portlet_configuration.error");
98              }
99              else {
100                 throw e;
101             }
102         }
103     }
104 
105     public ActionForward render(
106             ActionMapping mapping, ActionForm form, PortletConfig config,
107             RenderRequest req, RenderResponse res)
108         throws Exception {
109 
110         ThemeDisplay themeDisplay =
111             (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
112 
113         long groupId = themeDisplay.getPortletGroupId();
114 
115         String portletResource = ParamUtil.getString(req, "portletResource");
116         String modelResource = ParamUtil.getString(req, "modelResource");
117         String resourcePrimKey = ParamUtil.getString(req, "resourcePrimKey");
118 
119         String selResource = portletResource;
120 
121         if (Validator.isNotNull(modelResource)) {
122             selResource = modelResource;
123         }
124 
125         try {
126             PermissionServiceUtil.checkPermission(
127                 groupId, selResource, resourcePrimKey);
128         }
129         catch (PrincipalException pe) {
130             SessionErrors.add(req, PrincipalException.class.getName());
131 
132             setForward(req, "portlet.portlet_configuration.error");
133         }
134 
135         Portlet portlet = PortletLocalServiceUtil.getPortletById(
136             themeDisplay.getCompanyId(), portletResource);
137 
138         if (portlet != null) {
139             res.setTitle(getTitle(portlet, req));
140         }
141 
142         return mapping.findForward(
143             getForward(req, "portlet.portlet_configuration.edit_permissions"));
144     }
145 
146     protected void updateGroupPermissions(ActionRequest req) throws Exception {
147         Layout layout = (Layout)req.getAttribute(WebKeys.LAYOUT);
148 
149         long resourceId = ParamUtil.getLong(req, "resourceId");
150         long groupId = ParamUtil.getLong(req, "groupId");
151         String[] actionIds = StringUtil.split(
152             ParamUtil.getString(req, "groupIdActionIds"));
153 
154         PermissionServiceUtil.setGroupPermissions(
155             groupId, actionIds, resourceId);
156 
157         if (!layout.isPrivateLayout()) {
158             Resource resource =
159                 ResourceLocalServiceUtil.getResource(resourceId);
160 
161             if (resource.getPrimKey().startsWith(
162                     layout.getPlid() + PortletImpl.LAYOUT_SEPARATOR)) {
163 
164                 LayoutCacheUtil.clearCache(layout.getCompanyId());
165             }
166         }
167     }
168 
169     protected void updateGuestPermissions(ActionRequest req) throws Exception {
170         ThemeDisplay themeDisplay =
171             (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
172 
173         long resourceId = ParamUtil.getLong(req, "resourceId");
174         String[] actionIds = StringUtil.split(
175             ParamUtil.getString(req, "guestActionIds"));
176 
177         PermissionServiceUtil.setUserPermissions(
178             themeDisplay.getDefaultUserId(), themeDisplay.getPortletGroupId(),
179             actionIds, resourceId);
180     }
181 
182     protected void updateOrganizationPermissions(ActionRequest req)
183         throws Exception {
184 
185         Layout layout = (Layout)req.getAttribute(WebKeys.LAYOUT);
186 
187         long resourceId = ParamUtil.getLong(req, "resourceId");
188         long organizationId = ParamUtil.getLong(
189             req, "organizationIdsPosValue");
190         String[] actionIds = StringUtil.split(
191             ParamUtil.getString(req, "organizationIdActionIds"));
192         //boolean organizationIntersection = ParamUtil.getBoolean(
193         //  req, "organizationIntersection");
194 
195         //if (!organizationIntersection) {
196             PermissionServiceUtil.setGroupPermissions(
197                 Organization.class.getName(), String.valueOf(organizationId),
198                 layout.getGroupId(), actionIds, resourceId);
199         /*}
200         else {
201             PermissionServiceUtil.setOrgGroupPermissions(
202                 organizationId, layout.getGroupId(), actionIds, resourceId);
203         }*/
204     }
205 
206     protected void updateRolePermissions(ActionRequest req)
207         throws Exception {
208 
209         ThemeDisplay themeDisplay =
210             (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
211 
212         long resourceId = ParamUtil.getLong(req, "resourceId");
213         long roleId = ParamUtil.getLong(req, "roleIdsPosValue");
214         String[] actionIds = StringUtil.split(
215             ParamUtil.getString(req, "roleIdActionIds"));
216 
217         PermissionServiceUtil.setRolePermissions(
218             roleId, themeDisplay.getPortletGroupId(), actionIds, resourceId);
219     }
220 
221     protected void updateUserGroupPermissions(ActionRequest req)
222         throws Exception {
223 
224         Layout layout = (Layout)req.getAttribute(WebKeys.LAYOUT);
225 
226         long resourceId = ParamUtil.getLong(req, "resourceId");
227         long userGroupId = ParamUtil.getLong(
228             req, "userGroupIdsPosValue");
229         String[] actionIds = StringUtil.split(
230             ParamUtil.getString(req, "userGroupIdActionIds"));
231 
232         PermissionServiceUtil.setGroupPermissions(
233             UserGroup.class.getName(), String.valueOf(userGroupId),
234             layout.getGroupId(), actionIds, resourceId);
235     }
236 
237     protected void updateUserPermissions(ActionRequest req) throws Exception {
238         ThemeDisplay themeDisplay =
239             (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
240 
241         long resourceId = ParamUtil.getLong(req, "resourceId");
242         long userId = ParamUtil.getLong(req, "userIdsPosValue");
243         String[] actionIds = StringUtil.split(
244             ParamUtil.getString(req, "userIdActionIds"));
245 
246         PermissionServiceUtil.setUserPermissions(
247             userId, themeDisplay.getPortletGroupId(), actionIds, resourceId);
248     }
249 
250 }