1
22
23 package com.liferay.portlet.enterpriseadmin.action;
24
25 import com.liferay.portal.NoSuchRoleException;
26 import com.liferay.portal.kernel.servlet.SessionErrors;
27 import com.liferay.portal.kernel.servlet.SessionMessages;
28 import com.liferay.portal.kernel.util.ArrayUtil;
29 import com.liferay.portal.kernel.util.Constants;
30 import com.liferay.portal.kernel.util.ParamUtil;
31 import com.liferay.portal.kernel.util.StringUtil;
32 import com.liferay.portal.kernel.util.Validator;
33 import com.liferay.portal.model.ResourceConstants;
34 import com.liferay.portal.model.Role;
35 import com.liferay.portal.model.impl.GroupImpl;
36 import com.liferay.portal.model.impl.RoleImpl;
37 import com.liferay.portal.security.auth.PrincipalException;
38 import com.liferay.portal.security.permission.ResourceActionsUtil;
39 import com.liferay.portal.security.permission.comparator.ActionComparator;
40 import com.liferay.portal.service.PermissionServiceUtil;
41 import com.liferay.portal.service.RoleServiceUtil;
42 import com.liferay.portal.struts.PortletAction;
43 import com.liferay.portal.theme.ThemeDisplay;
44 import com.liferay.portal.util.WebKeys;
45
46 import java.util.Collections;
47 import java.util.HashMap;
48 import java.util.List;
49 import java.util.Map;
50
51 import javax.portlet.ActionRequest;
52 import javax.portlet.ActionResponse;
53 import javax.portlet.PortletConfig;
54 import javax.portlet.RenderRequest;
55 import javax.portlet.RenderResponse;
56
57 import org.apache.struts.action.ActionForm;
58 import org.apache.struts.action.ActionForward;
59 import org.apache.struts.action.ActionMapping;
60
61
68 public class EditRolePermissionsAction extends PortletAction {
69
70 public void processAction(
71 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
72 ActionRequest actionRequest, ActionResponse actionResponse)
73 throws Exception {
74
75 String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
76
77 try {
78 if (cmd.equals("actions")) {
79 updateActions(actionRequest, actionResponse);
80 }
81 else if (cmd.equals("delete_permission")) {
82 deletePermission(actionRequest, actionResponse);
83 }
84 }
85 catch (Exception e) {
86 if (e instanceof NoSuchRoleException ||
87 e instanceof PrincipalException) {
88
89 SessionErrors.add(actionRequest, e.getClass().getName());
90
91 setForward(actionRequest, "portlet.enterprise_admin.error");
92 }
93 else {
94 throw e;
95 }
96 }
97 }
98
99 public ActionForward render(
100 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
101 RenderRequest renderRequest, RenderResponse renderResponse)
102 throws Exception {
103
104 try {
105 ActionUtil.getRole(renderRequest);
106 }
107 catch (Exception e) {
108 if (e instanceof NoSuchRoleException ||
109 e instanceof PrincipalException) {
110
111 SessionErrors.add(renderRequest, e.getClass().getName());
112
113 return mapping.findForward("portlet.enterprise_admin.error");
114 }
115 else {
116 throw e;
117 }
118 }
119
120 return mapping.findForward(getForward(
121 renderRequest, "portlet.enterprise_admin.edit_role_permissions"));
122 }
123
124 protected void deletePermission(
125 ActionRequest actionRequest, ActionResponse actionResponse)
126 throws Exception {
127
128 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
129 WebKeys.THEME_DISPLAY);
130
131 long roleId = ParamUtil.getLong(actionRequest, "roleId");
132 long permissionId = ParamUtil.getLong(actionRequest, "permissionId");
133
134 PermissionServiceUtil.unsetRolePermission(
135 roleId, themeDisplay.getPortletGroupId(), permissionId);
136
137
139 SessionMessages.add(actionRequest, "permissionDeleted");
140
141 String redirect = ParamUtil.getString(actionRequest, "redirect");
142
143 actionResponse.sendRedirect(redirect);
144 }
145
146 protected void updateActions(
147 ActionRequest actionRequest, ActionResponse actionResponse)
148 throws Exception {
149
150 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
151 WebKeys.THEME_DISPLAY);
152
153 long roleId = ParamUtil.getLong(actionRequest, "roleId");
154
155 String portletResource = ParamUtil.getString(
156 actionRequest, "portletResource");
157 String[] modelResources = StringUtil.split(
158 ParamUtil.getString(actionRequest, "modelResources"));
159
160 Map<String, List<String>> resourceActionsMap =
161 new HashMap<String, List<String>>();
162
163 if (Validator.isNotNull(portletResource)) {
164 resourceActionsMap.put(
165 portletResource,
166 ResourceActionsUtil.getResourceActions(
167 themeDisplay.getCompanyId(), portletResource, null));
168 }
169
170 for (int i = 0; i < modelResources.length; i++) {
171 resourceActionsMap.put(
172 modelResources[i],
173 ResourceActionsUtil.getResourceActions(
174 themeDisplay.getCompanyId(), null, modelResources[i]));
175 }
176
177 for (Map.Entry<String, List<String>> entry :
178 resourceActionsMap.entrySet()) {
179
180 String selResource = entry.getKey();
181 List<String> actions = entry.getValue();
182
183 Collections.sort(
184 actions,
185 new ActionComparator(
186 themeDisplay.getCompanyId(), themeDisplay.getLocale()));
187
188 Role role = RoleServiceUtil.getRole(roleId);
189
190 for (String actionId : actions) {
191 int scope = ParamUtil.getInteger(
192 actionRequest, "scope" + selResource + actionId);
193
194 if (scope == ResourceConstants.SCOPE_COMPANY) {
195 PermissionServiceUtil.setRolePermission(
196 roleId, themeDisplay.getPortletGroupId(), selResource,
197 scope, String.valueOf(themeDisplay.getCompanyId()),
198 actionId);
199 }
200 else if (scope == ResourceConstants.SCOPE_GROUP) {
201 if ((role.getType() == RoleImpl.TYPE_COMMUNITY) ||
202 (role.getType() == RoleImpl.TYPE_ORGANIZATION)) {
203
204 PermissionServiceUtil.setRolePermission(
205 roleId, themeDisplay.getPortletGroupId(),
206 selResource, ResourceConstants.SCOPE_GROUP_TEMPLATE,
207 String.valueOf(GroupImpl.DEFAULT_PARENT_GROUP_ID),
208 actionId);
209 }
210 else {
211 String[] groupIds = StringUtil.split(
212 ParamUtil.getString(
213 actionRequest,
214 "groupIds" + selResource + actionId));
215
216 if (groupIds.length == 0) {
217 SessionErrors.add(
218 actionRequest, "missingGroupIdsForAction");
219
220 return;
221 }
222
223 groupIds = ArrayUtil.distinct(groupIds);
224
225 PermissionServiceUtil.unsetRolePermissions(
226 roleId, themeDisplay.getPortletGroupId(),
227 selResource, ResourceConstants.SCOPE_GROUP,
228 actionId);
229
230 for (int j = 0; j < groupIds.length; j++) {
231 PermissionServiceUtil.setRolePermission(
232 roleId, themeDisplay.getPortletGroupId(),
233 selResource, ResourceConstants.SCOPE_GROUP,
234 groupIds[j], actionId);
235 }
236 }
237 }
238 else {
239
240
242 PermissionServiceUtil.unsetRolePermissions(
243 roleId, themeDisplay.getPortletGroupId(), selResource,
244 ResourceConstants.SCOPE_COMPANY, actionId);
245
246 PermissionServiceUtil.unsetRolePermissions(
247 roleId, themeDisplay.getPortletGroupId(), selResource,
248 ResourceConstants.SCOPE_GROUP_TEMPLATE, actionId);
249
250 PermissionServiceUtil.unsetRolePermissions(
251 roleId, themeDisplay.getPortletGroupId(), selResource,
252 ResourceConstants.SCOPE_GROUP, actionId);
253 }
254 }
255 }
256
257
259 SessionMessages.add(actionRequest, "permissionsUpdated");
260
261 String redirect =
262 ParamUtil.getString(actionRequest, "redirect") + "&" +
263 Constants.CMD + "=" + Constants.VIEW;
264
265 actionResponse.sendRedirect(redirect);
266 }
267
268 }