1
22
23 package com.liferay.portal.service.impl;
24
25 import com.liferay.portal.PortalException;
26 import com.liferay.portal.SystemException;
27 import com.liferay.portal.kernel.util.GetterUtil;
28 import com.liferay.portal.model.Group;
29 import com.liferay.portal.model.Layout;
30 import com.liferay.portal.model.PortletConstants;
31 import com.liferay.portal.model.Resource;
32 import com.liferay.portal.model.Role;
33 import com.liferay.portal.model.User;
34 import com.liferay.portal.security.auth.PrincipalException;
35 import com.liferay.portal.security.permission.ActionKeys;
36 import com.liferay.portal.security.permission.PermissionChecker;
37 import com.liferay.portal.security.permission.PermissionCheckerBag;
38 import com.liferay.portal.service.base.PermissionServiceBaseImpl;
39 import com.liferay.portal.service.permission.GroupPermissionUtil;
40 import com.liferay.portal.service.permission.PortletPermissionUtil;
41 import com.liferay.portal.service.permission.UserPermissionUtil;
42
43
49 public class PermissionServiceImpl extends PermissionServiceBaseImpl {
50
51 public void checkPermission(long groupId, String name, String primKey)
52 throws PortalException, SystemException {
53
54 checkPermission(getPermissionChecker(), groupId, name, primKey);
55 }
56
57 public boolean hasGroupPermission(
58 long groupId, String actionId, long resourceId)
59 throws SystemException {
60
61 return permissionLocalService.hasGroupPermission(
62 groupId, actionId, resourceId);
63 }
64
65 public boolean hasUserPermission(
66 long userId, String actionId, long resourceId)
67 throws SystemException {
68
69 return permissionLocalService.hasUserPermission(
70 userId, actionId, resourceId);
71 }
72
73 public boolean hasUserPermissions(
74 long userId, long groupId, String actionId, long[] resourceIds,
75 PermissionCheckerBag permissionCheckerBag)
76 throws SystemException {
77
78 return permissionLocalService.hasUserPermissions(
79 userId, groupId, actionId, resourceIds, permissionCheckerBag);
80 }
81
82 public void setGroupPermissions(
83 long groupId, String[] actionIds, long resourceId)
84 throws PortalException, SystemException {
85
86 checkPermission(getPermissionChecker(), groupId, resourceId);
87
88 permissionLocalService.setGroupPermissions(
89 groupId, actionIds, resourceId);
90 }
91
92 public void setGroupPermissions(
93 String className, String classPK, long groupId,
94 String[] actionIds, long resourceId)
95 throws PortalException, SystemException {
96
97 checkPermission(getPermissionChecker(), groupId, resourceId);
98
99 permissionLocalService.setGroupPermissions(
100 className, classPK, groupId, actionIds, resourceId);
101 }
102
103 public void setOrgGroupPermissions(
104 long organizationId, long groupId, String[] actionIds,
105 long resourceId)
106 throws PortalException, SystemException {
107
108 checkPermission(getPermissionChecker(), groupId, resourceId);
109
110 permissionLocalService.setOrgGroupPermissions(
111 organizationId, groupId, actionIds, resourceId);
112 }
113
114 public void setRolePermission(
115 long roleId, long groupId, String name, int scope, String primKey,
116 String actionId)
117 throws PortalException, SystemException {
118
119 checkPermission(
120 getPermissionChecker(), groupId, Role.class.getName(), roleId);
121
122 permissionLocalService.setRolePermission(
123 roleId, getUser().getCompanyId(), name, scope, primKey, actionId);
124 }
125
126 public void setRolePermissions(
127 long roleId, long groupId, String[] actionIds, long resourceId)
128 throws PortalException, SystemException {
129
130 checkPermission(getPermissionChecker(), groupId, resourceId);
131
132 permissionLocalService.setRolePermissions(
133 roleId, actionIds, resourceId);
134 }
135
136 public void setUserPermissions(
137 long userId, long groupId, String[] actionIds, long resourceId)
138 throws PortalException, SystemException {
139
140 checkPermission(getPermissionChecker(), groupId, resourceId);
141
142 permissionLocalService.setUserPermissions(
143 userId, actionIds, resourceId);
144 }
145
146 public void unsetRolePermission(
147 long roleId, long groupId, long permissionId)
148 throws SystemException, PortalException {
149
150 checkPermission(
151 getPermissionChecker(), groupId, Role.class.getName(), roleId);
152
153 permissionLocalService.unsetRolePermission(roleId, permissionId);
154 }
155
156 public void unsetRolePermission(
157 long roleId, long groupId, String name, int scope, String primKey,
158 String actionId)
159 throws PortalException, SystemException {
160
161 checkPermission(
162 getPermissionChecker(), groupId, Role.class.getName(), roleId);
163
164 permissionLocalService.unsetRolePermission(
165 roleId, getUser().getCompanyId(), name, scope, primKey, actionId);
166 }
167
168 public void unsetRolePermissions(
169 long roleId, long groupId, String name, int scope, String actionId)
170 throws PortalException, SystemException {
171
172 checkPermission(
173 getPermissionChecker(), groupId, Role.class.getName(), roleId);
174
175 permissionLocalService.unsetRolePermissions(
176 roleId, getUser().getCompanyId(), name, scope, actionId);
177 }
178
179 public void unsetUserPermissions(
180 long userId, long groupId, String[] actionIds, long resourceId)
181 throws PortalException, SystemException {
182
183 checkPermission(getPermissionChecker(), groupId, resourceId);
184
185 permissionLocalService.unsetUserPermissions(
186 userId, actionIds, resourceId);
187 }
188
189 protected void checkPermission(
190 PermissionChecker permissionChecker, long groupId,
191 long resourceId)
192 throws PortalException, SystemException {
193
194 Resource resource = resourcePersistence.findByPrimaryKey(resourceId);
195
196 checkPermission(
197 permissionChecker, groupId, resource.getName(),
198 resource.getPrimKey().toString());
199 }
200
201 protected void checkPermission(
202 PermissionChecker permissionChecker, long groupId, String name,
203 long primKey)
204 throws PortalException, SystemException {
205
206 checkPermission(
207 permissionChecker, groupId, name, String.valueOf(primKey));
208 }
209
210 protected void checkPermission(
211 PermissionChecker permissionChecker, long groupId, String name,
212 String primKey)
213 throws PortalException, SystemException {
214
215 if (name.equals(Group.class.getName())) {
216 GroupPermissionUtil.check(
217 permissionChecker, GetterUtil.getLong(primKey),
218 ActionKeys.PERMISSIONS);
219 }
220 else if (name.equals(Layout.class.getName())) {
221 long plid = GetterUtil.getLong(primKey);
222
223 Layout layout = layoutPersistence.findByPrimaryKey(plid);
224
225 GroupPermissionUtil.check(
226 permissionChecker, layout.getGroupId(),
227 ActionKeys.MANAGE_LAYOUTS);
228 }
229 else if (name.equals(User.class.getName())) {
230 long userId = GetterUtil.getLong(primKey);
231
232 User user = userPersistence.findByPrimaryKey(userId);
233
234 UserPermissionUtil.check(
235 permissionChecker, userId, user.getOrganizationIds(),
236 ActionKeys.PERMISSIONS);
237 }
238 else if ((primKey != null) &&
239 (primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR) != -1)) {
240
241 int pos = primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR);
242
243 long plid = GetterUtil.getLong(primKey.substring(0, pos));
244
245 String portletId = primKey.substring(
246 pos + PortletConstants.LAYOUT_SEPARATOR.length(),
247 primKey.length());
248
249 if (!PortletPermissionUtil.contains(
250 permissionChecker, plid, portletId,
251 ActionKeys.CONFIGURATION)) {
252
253 throw new PrincipalException();
254 }
255 }
256 else if (!permissionChecker.hasPermission(
257 groupId, name, primKey, ActionKeys.PERMISSIONS) &&
258 !permissionChecker.hasPermission(
259 groupId, name, primKey, ActionKeys.DEFINE_PERMISSIONS)) {
260
261 throw new PrincipalException();
262 }
263 }
264
265 }