1   /**
2    * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portlet.enterpriseadmin.action;
24  
25  import com.liferay.portal.NoSuchRoleException;
26  import com.liferay.portal.kernel.servlet.SessionErrors;
27  import com.liferay.portal.kernel.servlet.SessionMessages;
28  import com.liferay.portal.kernel.util.ArrayUtil;
29  import com.liferay.portal.kernel.util.Constants;
30  import com.liferay.portal.kernel.util.ParamUtil;
31  import com.liferay.portal.kernel.util.StringUtil;
32  import com.liferay.portal.kernel.util.Validator;
33  import com.liferay.portal.model.ResourceConstants;
34  import com.liferay.portal.model.Role;
35  import com.liferay.portal.model.impl.GroupImpl;
36  import com.liferay.portal.model.impl.RoleImpl;
37  import com.liferay.portal.security.auth.PrincipalException;
38  import com.liferay.portal.security.permission.ResourceActionsUtil;
39  import com.liferay.portal.security.permission.comparator.ActionComparator;
40  import com.liferay.portal.service.PermissionServiceUtil;
41  import com.liferay.portal.service.RoleServiceUtil;
42  import com.liferay.portal.struts.PortletAction;
43  import com.liferay.portal.theme.ThemeDisplay;
44  import com.liferay.portal.util.WebKeys;
45  
46  import java.util.Collections;
47  import java.util.HashMap;
48  import java.util.List;
49  import java.util.Map;
50  
51  import javax.portlet.ActionRequest;
52  import javax.portlet.ActionResponse;
53  import javax.portlet.PortletConfig;
54  import javax.portlet.RenderRequest;
55  import javax.portlet.RenderResponse;
56  
57  import org.apache.struts.action.ActionForm;
58  import org.apache.struts.action.ActionForward;
59  import org.apache.struts.action.ActionMapping;
60  
61  /**
62   * <a href="EditRolePermissionsAction.java.html"><b><i>View Source</i></b></a>
63   *
64   * @author Brian Wing Shun Chan
65   * @author Jorge Ferrer
66   *
67   */
68  public class EditRolePermissionsAction extends PortletAction {
69  
70      public void processAction(
71              ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
72              ActionRequest actionRequest, ActionResponse actionResponse)
73          throws Exception {
74  
75          String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
76  
77          try {
78              if (cmd.equals("actions")) {
79                  updateActions(actionRequest, actionResponse);
80              }
81              else if (cmd.equals("delete_permission")) {
82                  deletePermission(actionRequest, actionResponse);
83              }
84          }
85          catch (Exception e) {
86              if (e instanceof NoSuchRoleException ||
87                  e instanceof PrincipalException) {
88  
89                  SessionErrors.add(actionRequest, e.getClass().getName());
90  
91                  setForward(actionRequest, "portlet.enterprise_admin.error");
92              }
93              else {
94                  throw e;
95              }
96          }
97      }
98  
99      public ActionForward render(
100             ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
101             RenderRequest renderRequest, RenderResponse renderResponse)
102         throws Exception {
103 
104         try {
105             ActionUtil.getRole(renderRequest);
106         }
107         catch (Exception e) {
108             if (e instanceof NoSuchRoleException ||
109                 e instanceof PrincipalException) {
110 
111                 SessionErrors.add(renderRequest, e.getClass().getName());
112 
113                 return mapping.findForward("portlet.enterprise_admin.error");
114             }
115             else {
116                 throw e;
117             }
118         }
119 
120         return mapping.findForward(getForward(
121             renderRequest, "portlet.enterprise_admin.edit_role_permissions"));
122     }
123 
124     protected void deletePermission(
125             ActionRequest actionRequest, ActionResponse actionResponse)
126         throws Exception {
127 
128         ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
129             WebKeys.THEME_DISPLAY);
130 
131         long roleId = ParamUtil.getLong(actionRequest, "roleId");
132         long permissionId = ParamUtil.getLong(actionRequest, "permissionId");
133 
134         PermissionServiceUtil.unsetRolePermission(
135             roleId, themeDisplay.getPortletGroupId(), permissionId);
136 
137         // Send redirect
138 
139         SessionMessages.add(actionRequest, "permissionDeleted");
140 
141         String redirect = ParamUtil.getString(actionRequest, "redirect");
142 
143         actionResponse.sendRedirect(redirect);
144     }
145 
146     protected void updateActions(
147             ActionRequest actionRequest, ActionResponse actionResponse)
148         throws Exception {
149 
150         ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
151             WebKeys.THEME_DISPLAY);
152 
153         long roleId = ParamUtil.getLong(actionRequest, "roleId");
154 
155         String portletResource = ParamUtil.getString(
156             actionRequest, "portletResource");
157         String[] modelResources = StringUtil.split(
158             ParamUtil.getString(actionRequest, "modelResources"));
159 
160         Map<String, List<String>> resourceActionsMap =
161             new HashMap<String, List<String>>();
162 
163         if (Validator.isNotNull(portletResource)) {
164             resourceActionsMap.put(
165                 portletResource,
166                 ResourceActionsUtil.getResourceActions(
167                     themeDisplay.getCompanyId(), portletResource, null));
168         }
169 
170         for (int i = 0; i < modelResources.length; i++) {
171             resourceActionsMap.put(
172                 modelResources[i],
173                 ResourceActionsUtil.getResourceActions(
174                     themeDisplay.getCompanyId(), null, modelResources[i]));
175         }
176 
177         for (Map.Entry<String, List<String>> entry :
178                 resourceActionsMap.entrySet()) {
179 
180             String selResource = entry.getKey();
181             List<String> actions = entry.getValue();
182 
183             Collections.sort(
184                 actions,
185                 new ActionComparator(
186                     themeDisplay.getCompanyId(), themeDisplay.getLocale()));
187 
188             Role role = RoleServiceUtil.getRole(roleId);
189 
190             for (String actionId : actions) {
191                 int scope = ParamUtil.getInteger(
192                     actionRequest, "scope" + selResource + actionId);
193 
194                 if (scope == ResourceConstants.SCOPE_COMPANY) {
195                     PermissionServiceUtil.setRolePermission(
196                         roleId, themeDisplay.getPortletGroupId(), selResource,
197                         scope, String.valueOf(themeDisplay.getCompanyId()),
198                         actionId);
199                 }
200                 else if (scope == ResourceConstants.SCOPE_GROUP) {
201                     if ((role.getType() == RoleImpl.TYPE_COMMUNITY) ||
202                         (role.getType() == RoleImpl.TYPE_ORGANIZATION)) {
203 
204                         PermissionServiceUtil.setRolePermission(
205                             roleId, themeDisplay.getPortletGroupId(),
206                             selResource, ResourceConstants.SCOPE_GROUP_TEMPLATE,
207                             String.valueOf(GroupImpl.DEFAULT_PARENT_GROUP_ID),
208                             actionId);
209                     }
210                     else {
211                         String[] groupIds = StringUtil.split(
212                             ParamUtil.getString(
213                                 actionRequest,
214                                 "groupIds" + selResource + actionId));
215 
216                         if (groupIds.length == 0) {
217                             SessionErrors.add(
218                                 actionRequest, "missingGroupIdsForAction");
219 
220                             return;
221                         }
222 
223                         groupIds = ArrayUtil.distinct(groupIds);
224 
225                         PermissionServiceUtil.unsetRolePermissions(
226                             roleId, themeDisplay.getPortletGroupId(),
227                             selResource, ResourceConstants.SCOPE_GROUP,
228                             actionId);
229 
230                         for (int j = 0; j < groupIds.length; j++) {
231                             PermissionServiceUtil.setRolePermission(
232                                 roleId, themeDisplay.getPortletGroupId(),
233                                 selResource, ResourceConstants.SCOPE_GROUP,
234                                 groupIds[j], actionId);
235                         }
236                     }
237                 }
238                 else {
239 
240                     // Remove company, group template, and group permissions
241 
242                     PermissionServiceUtil.unsetRolePermissions(
243                         roleId, themeDisplay.getPortletGroupId(), selResource,
244                         ResourceConstants.SCOPE_COMPANY, actionId);
245 
246                     PermissionServiceUtil.unsetRolePermissions(
247                         roleId, themeDisplay.getPortletGroupId(), selResource,
248                         ResourceConstants.SCOPE_GROUP_TEMPLATE, actionId);
249 
250                     PermissionServiceUtil.unsetRolePermissions(
251                         roleId, themeDisplay.getPortletGroupId(), selResource,
252                         ResourceConstants.SCOPE_GROUP, actionId);
253                 }
254             }
255         }
256 
257         // Send redirect
258 
259         SessionMessages.add(actionRequest, "permissionsUpdated");
260 
261         String redirect =
262             ParamUtil.getString(actionRequest, "redirect") + "&" +
263                 Constants.CMD + "=" + Constants.VIEW;
264 
265         actionResponse.sendRedirect(redirect);
266     }
267 
268 }