1   /**
2    * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portlet.portletconfiguration.action;
24  
25  import com.liferay.portal.kernel.servlet.SessionErrors;
26  import com.liferay.portal.kernel.util.Constants;
27  import com.liferay.portal.kernel.util.ParamUtil;
28  import com.liferay.portal.kernel.util.StringUtil;
29  import com.liferay.portal.kernel.util.Validator;
30  import com.liferay.portal.model.Layout;
31  import com.liferay.portal.model.Organization;
32  import com.liferay.portal.model.Portlet;
33  import com.liferay.portal.model.PortletConstants;
34  import com.liferay.portal.model.Resource;
35  import com.liferay.portal.model.UserGroup;
36  import com.liferay.portal.security.auth.PrincipalException;
37  import com.liferay.portal.service.PermissionServiceUtil;
38  import com.liferay.portal.service.PortletLocalServiceUtil;
39  import com.liferay.portal.service.ResourceLocalServiceUtil;
40  import com.liferay.portal.servlet.filters.layoutcache.LayoutCacheUtil;
41  import com.liferay.portal.theme.ThemeDisplay;
42  import com.liferay.portal.util.WebKeys;
43  
44  import javax.portlet.ActionRequest;
45  import javax.portlet.ActionResponse;
46  import javax.portlet.PortletConfig;
47  import javax.portlet.RenderRequest;
48  import javax.portlet.RenderResponse;
49  
50  import org.apache.struts.action.ActionForm;
51  import org.apache.struts.action.ActionForward;
52  import org.apache.struts.action.ActionMapping;
53  
54  /**
55   * <a href="EditPermissionsAction.java.html"><b><i>View Source</i></b></a>
56   *
57   * @author Brian Wing Shun Chan
58   *
59   */
60  public class EditPermissionsAction extends EditConfigurationAction {
61  
62      public void processAction(
63              ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
64              ActionRequest actionRequest, ActionResponse actionResponse)
65          throws Exception {
66  
67          String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
68  
69          try {
70              if (cmd.equals("group_permissions")) {
71                  updateGroupPermissions(actionRequest);
72              }
73              else if (cmd.equals("guest_permissions")) {
74                  updateGuestPermissions(actionRequest);
75              }
76              else if (cmd.equals("organization_permissions")) {
77                  updateOrganizationPermissions(actionRequest);
78              }
79              else if (cmd.equals("role_permissions")) {
80                  updateRolePermissions(actionRequest);
81              }
82              else if (cmd.equals("user_group_permissions")) {
83                  updateUserGroupPermissions(actionRequest);
84              }
85              else if (cmd.equals("user_permissions")) {
86                  updateUserPermissions(actionRequest);
87              }
88  
89              String redirect = ParamUtil.getString(
90                  actionRequest, "permissionsRedirect");
91  
92              sendRedirect(actionRequest, actionResponse, redirect);
93          }
94          catch (Exception e) {
95              if (e instanceof PrincipalException) {
96                  SessionErrors.add(actionRequest, e.getClass().getName());
97  
98                  setForward(
99                      actionRequest, "portlet.portlet_configuration.error");
100             }
101             else {
102                 throw e;
103             }
104         }
105     }
106 
107     public ActionForward render(
108             ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
109             RenderRequest renderRequest, RenderResponse renderResponse)
110         throws Exception {
111 
112         ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
113             WebKeys.THEME_DISPLAY);
114 
115         long groupId = themeDisplay.getPortletGroupId();
116 
117         String portletResource = ParamUtil.getString(
118             renderRequest, "portletResource");
119         String modelResource = ParamUtil.getString(
120             renderRequest, "modelResource");
121         String resourcePrimKey = ParamUtil.getString(
122             renderRequest, "resourcePrimKey");
123 
124         String selResource = portletResource;
125 
126         if (Validator.isNotNull(modelResource)) {
127             selResource = modelResource;
128         }
129 
130         try {
131             PermissionServiceUtil.checkPermission(
132                 groupId, selResource, resourcePrimKey);
133         }
134         catch (PrincipalException pe) {
135             SessionErrors.add(
136                 renderRequest, PrincipalException.class.getName());
137 
138             setForward(renderRequest, "portlet.portlet_configuration.error");
139         }
140 
141         Portlet portlet = PortletLocalServiceUtil.getPortletById(
142             themeDisplay.getCompanyId(), portletResource);
143 
144         if (portlet != null) {
145             renderResponse.setTitle(getTitle(portlet, renderRequest));
146         }
147 
148         return mapping.findForward(getForward(
149             renderRequest, "portlet.portlet_configuration.edit_permissions"));
150     }
151 
152     protected void updateGroupPermissions(ActionRequest actionRequest)
153         throws Exception {
154 
155         Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
156 
157         long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
158         long groupId = ParamUtil.getLong(actionRequest, "groupId");
159         String[] actionIds = StringUtil.split(
160             ParamUtil.getString(actionRequest, "groupIdActionIds"));
161 
162         PermissionServiceUtil.setGroupPermissions(
163             groupId, actionIds, resourceId);
164 
165         if (!layout.isPrivateLayout()) {
166             Resource resource =
167                 ResourceLocalServiceUtil.getResource(resourceId);
168 
169             if (resource.getPrimKey().startsWith(
170                     layout.getPlid() + PortletConstants.LAYOUT_SEPARATOR)) {
171 
172                 LayoutCacheUtil.clearCache(layout.getCompanyId());
173             }
174         }
175     }
176 
177     protected void updateGuestPermissions(ActionRequest actionRequest)
178         throws Exception {
179 
180         ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
181             WebKeys.THEME_DISPLAY);
182 
183         long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
184         String[] actionIds = StringUtil.split(
185             ParamUtil.getString(actionRequest, "guestActionIds"));
186 
187         PermissionServiceUtil.setUserPermissions(
188             themeDisplay.getDefaultUserId(), themeDisplay.getPortletGroupId(),
189             actionIds, resourceId);
190     }
191 
192     protected void updateOrganizationPermissions(ActionRequest actionRequest)
193         throws Exception {
194 
195         Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
196 
197         long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
198         long organizationId = ParamUtil.getLong(
199             actionRequest, "organizationIdsPosValue");
200         String[] actionIds = StringUtil.split(
201             ParamUtil.getString(actionRequest, "organizationIdActionIds"));
202         //boolean organizationIntersection = ParamUtil.getBoolean(
203         //  actionRequest, "organizationIntersection");
204 
205         //if (!organizationIntersection) {
206             PermissionServiceUtil.setGroupPermissions(
207                 Organization.class.getName(), String.valueOf(organizationId),
208                 layout.getGroupId(), actionIds, resourceId);
209         /*}
210         else {
211             PermissionServiceUtil.setOrgGroupPermissions(
212                 organizationId, layout.getGroupId(), actionIds, resourceId);
213         }*/
214     }
215 
216     protected void updateRolePermissions(ActionRequest actionRequest)
217         throws Exception {
218 
219         ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
220             WebKeys.THEME_DISPLAY);
221 
222         long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
223         long roleId = ParamUtil.getLong(actionRequest, "roleIdsPosValue");
224         String[] actionIds = StringUtil.split(
225             ParamUtil.getString(actionRequest, "roleIdActionIds"));
226 
227         PermissionServiceUtil.setRolePermissions(
228             roleId, themeDisplay.getPortletGroupId(), actionIds, resourceId);
229     }
230 
231     protected void updateUserGroupPermissions(ActionRequest actionRequest)
232         throws Exception {
233 
234         Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
235 
236         long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
237         long userGroupId = ParamUtil.getLong(
238             actionRequest, "userGroupIdsPosValue");
239         String[] actionIds = StringUtil.split(
240             ParamUtil.getString(actionRequest, "userGroupIdActionIds"));
241 
242         PermissionServiceUtil.setGroupPermissions(
243             UserGroup.class.getName(), String.valueOf(userGroupId),
244             layout.getGroupId(), actionIds, resourceId);
245     }
246 
247     protected void updateUserPermissions(ActionRequest actionRequest)
248         throws Exception {
249 
250         ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
251             WebKeys.THEME_DISPLAY);
252 
253         long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
254         long userId = ParamUtil.getLong(actionRequest, "userIdsPosValue");
255         String[] actionIds = StringUtil.split(
256             ParamUtil.getString(actionRequest, "userIdActionIds"));
257 
258         PermissionServiceUtil.setUserPermissions(
259             userId, themeDisplay.getPortletGroupId(), actionIds, resourceId);
260     }
261 
262 }