1
22
23 package com.liferay.portlet.enterpriseadmin.action;
24
25 import com.liferay.portal.NoSuchRoleException;
26 import com.liferay.portal.kernel.util.ArrayUtil;
27 import com.liferay.portal.kernel.util.Constants;
28 import com.liferay.portal.kernel.util.ParamUtil;
29 import com.liferay.portal.kernel.util.StringUtil;
30 import com.liferay.portal.kernel.util.Validator;
31 import com.liferay.portal.model.ResourceConstants;
32 import com.liferay.portal.model.Role;
33 import com.liferay.portal.model.impl.GroupImpl;
34 import com.liferay.portal.model.impl.RoleImpl;
35 import com.liferay.portal.security.auth.PrincipalException;
36 import com.liferay.portal.security.permission.ResourceActionsUtil;
37 import com.liferay.portal.security.permission.comparator.ActionComparator;
38 import com.liferay.portal.service.PermissionServiceUtil;
39 import com.liferay.portal.service.RoleServiceUtil;
40 import com.liferay.portal.struts.PortletAction;
41 import com.liferay.portal.theme.ThemeDisplay;
42 import com.liferay.portal.util.WebKeys;
43 import com.liferay.util.servlet.SessionErrors;
44 import com.liferay.util.servlet.SessionMessages;
45
46 import java.util.Collections;
47 import java.util.HashMap;
48 import java.util.List;
49 import java.util.Map;
50
51 import javax.portlet.ActionRequest;
52 import javax.portlet.ActionResponse;
53 import javax.portlet.PortletConfig;
54 import javax.portlet.RenderRequest;
55 import javax.portlet.RenderResponse;
56
57 import org.apache.struts.action.ActionForm;
58 import org.apache.struts.action.ActionForward;
59 import org.apache.struts.action.ActionMapping;
60
61
68 public class EditRolePermissionsAction extends PortletAction {
69
70 public void processAction(
71 ActionMapping mapping, ActionForm form, PortletConfig config,
72 ActionRequest req, ActionResponse res)
73 throws Exception {
74
75 String cmd = ParamUtil.getString(req, Constants.CMD);
76
77 try {
78 if (cmd.equals("actions")) {
79 updateActions(req, res);
80 }
81 else if (cmd.equals("delete_permission")) {
82 deletePermission(req, res);
83 }
84 }
85 catch (Exception e) {
86 if (e instanceof NoSuchRoleException ||
87 e instanceof PrincipalException) {
88
89 SessionErrors.add(req, e.getClass().getName());
90
91 setForward(req, "portlet.enterprise_admin.error");
92 }
93 else {
94 throw e;
95 }
96 }
97 }
98
99 public ActionForward render(
100 ActionMapping mapping, ActionForm form, PortletConfig config,
101 RenderRequest req, RenderResponse res)
102 throws Exception {
103
104 try {
105 ActionUtil.getRole(req);
106 }
107 catch (Exception e) {
108 if (e instanceof NoSuchRoleException ||
109 e instanceof PrincipalException) {
110
111 SessionErrors.add(req, e.getClass().getName());
112
113 return mapping.findForward("portlet.enterprise_admin.error");
114 }
115 else {
116 throw e;
117 }
118 }
119
120 return mapping.findForward(
121 getForward(req, "portlet.enterprise_admin.edit_role_permissions"));
122 }
123
124 protected void deletePermission(ActionRequest req, ActionResponse res)
125 throws Exception {
126
127 ThemeDisplay themeDisplay =
128 (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
129
130 long roleId = ParamUtil.getLong(req, "roleId");
131 long permissionId = ParamUtil.getLong(req, "permissionId");
132
133 PermissionServiceUtil.unsetRolePermission(
134 roleId, themeDisplay.getPortletGroupId(), permissionId);
135
136
138 SessionMessages.add(req, "permissionDeleted");
139
140 String redirect = ParamUtil.getString(req, "redirect");
141
142 res.sendRedirect(redirect);
143 }
144
145 protected void updateActions(ActionRequest req, ActionResponse res)
146 throws Exception {
147
148 ThemeDisplay themeDisplay =
149 (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
150
151 long roleId = ParamUtil.getLong(req, "roleId");
152
153 String portletResource = ParamUtil.getString(req, "portletResource");
154 String[] modelResources = StringUtil.split(
155 ParamUtil.getString(req, "modelResources"));
156
157 Map<String, List<String>> resourceActionsMap =
158 new HashMap<String, List<String>>();
159
160 if (Validator.isNotNull(portletResource)) {
161 resourceActionsMap.put(
162 portletResource,
163 ResourceActionsUtil.getResourceActions(
164 themeDisplay.getCompanyId(), portletResource, null));
165 }
166
167 for (int i = 0; i < modelResources.length; i++) {
168 resourceActionsMap.put(
169 modelResources[i],
170 ResourceActionsUtil.getResourceActions(
171 themeDisplay.getCompanyId(), null, modelResources[i]));
172 }
173
174 for (Map.Entry<String, List<String>> entry :
175 resourceActionsMap.entrySet()) {
176
177 String selResource = entry.getKey();
178 List<String> actions = entry.getValue();
179
180 Collections.sort(
181 actions,
182 new ActionComparator(
183 themeDisplay.getCompanyId(), themeDisplay.getLocale()));
184
185 Role role = RoleServiceUtil.getRole(roleId);
186
187 for (String actionId : actions) {
188 int scope = ParamUtil.getInteger(
189 req, "scope" + selResource + actionId);
190
191 if (scope == ResourceConstants.SCOPE_COMPANY) {
192 PermissionServiceUtil.setRolePermission(
193 roleId, themeDisplay.getPortletGroupId(), selResource,
194 scope, String.valueOf(themeDisplay.getCompanyId()),
195 actionId);
196 }
197 else if (scope == ResourceConstants.SCOPE_GROUP) {
198 if ((role.getType() == RoleImpl.TYPE_COMMUNITY) ||
199 (role.getType() == RoleImpl.TYPE_ORGANIZATION)) {
200
201 PermissionServiceUtil.setRolePermission(
202 roleId, themeDisplay.getPortletGroupId(),
203 selResource, ResourceConstants.SCOPE_GROUP_TEMPLATE,
204 String.valueOf(GroupImpl.DEFAULT_PARENT_GROUP_ID),
205 actionId);
206 }
207 else {
208 String[] groupIds = StringUtil.split(
209 ParamUtil.getString(
210 req, "groupIds" + selResource + actionId));
211
212 if (groupIds.length == 0) {
213 SessionErrors.add(req, "missingGroupIdsForAction");
214 return;
215 }
216
217 groupIds = ArrayUtil.distinct(groupIds);
218
219 PermissionServiceUtil.unsetRolePermissions(
220 roleId, themeDisplay.getPortletGroupId(),
221 selResource, ResourceConstants.SCOPE_GROUP,
222 actionId);
223
224 for (int j = 0; j < groupIds.length; j++) {
225 PermissionServiceUtil.setRolePermission(
226 roleId, themeDisplay.getPortletGroupId(),
227 selResource, ResourceConstants.SCOPE_GROUP,
228 groupIds[j], actionId);
229 }
230 }
231 }
232 else {
233
234
236 PermissionServiceUtil.unsetRolePermissions(
237 roleId, themeDisplay.getPortletGroupId(), selResource,
238 ResourceConstants.SCOPE_COMPANY, actionId);
239
240 PermissionServiceUtil.unsetRolePermissions(
241 roleId, themeDisplay.getPortletGroupId(), selResource,
242 ResourceConstants.SCOPE_GROUP_TEMPLATE, actionId);
243
244 PermissionServiceUtil.unsetRolePermissions(
245 roleId, themeDisplay.getPortletGroupId(), selResource,
246 ResourceConstants.SCOPE_GROUP, actionId);
247 }
248 }
249 }
250
251
253 SessionMessages.add(req, "permissionsUpdated");
254
255 String redirect =
256 ParamUtil.getString(req, "redirect") + "&" + Constants.CMD + "=" +
257 Constants.VIEW;
258
259 res.sendRedirect(redirect);
260 }
261
262 }