1
22
23 package com.liferay.portal.service.permission;
24
25 import com.liferay.portal.PortalException;
26 import com.liferay.portal.SystemException;
27 import com.liferay.portal.model.Group;
28 import com.liferay.portal.model.Layout;
29 import com.liferay.portal.model.Portlet;
30 import com.liferay.portal.model.PortletConstants;
31 import com.liferay.portal.security.auth.PrincipalException;
32 import com.liferay.portal.security.permission.ActionKeys;
33 import com.liferay.portal.security.permission.PermissionChecker;
34 import com.liferay.portal.security.permission.ResourceActionsUtil;
35 import com.liferay.portal.service.GroupLocalServiceUtil;
36 import com.liferay.portal.service.LayoutLocalServiceUtil;
37 import com.liferay.portal.util.PropsValues;
38
39 import java.util.List;
40
41 import org.apache.commons.logging.Log;
42 import org.apache.commons.logging.LogFactory;
43
44
50 public class PortletPermissionImpl implements PortletPermission {
51
52 public static final boolean DEFAULT_STRICT = false;
53
54 public void check(
55 PermissionChecker permissionChecker, String portletId,
56 String actionId)
57 throws PortalException, SystemException {
58
59 if (!contains(permissionChecker, portletId, actionId)) {
60 throw new PrincipalException();
61 }
62 }
63
64 public void check(
65 PermissionChecker permissionChecker, long plid, String portletId,
66 String actionId)
67 throws PortalException, SystemException {
68
69 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
70 }
71
72 public void check(
73 PermissionChecker permissionChecker, long plid, String portletId,
74 String actionId, boolean strict)
75 throws PortalException, SystemException {
76
77 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
78 throw new PrincipalException();
79 }
80 }
81
82 public boolean contains(
83 PermissionChecker permissionChecker, String portletId,
84 String actionId)
85 throws PortalException, SystemException {
86
87 return contains(permissionChecker, 0, portletId, actionId);
88 }
89
90 public boolean contains(
91 PermissionChecker permissionChecker, long plid, String portletId,
92 String actionId)
93 throws PortalException, SystemException {
94
95 return contains(
96 permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
97 }
98
99 public boolean contains(
100 PermissionChecker permissionChecker, long plid, String portletId,
101 String actionId, boolean strict)
102 throws PortalException, SystemException {
103
104 long groupId = 0;
105 String name = null;
106 String primKey = null;
107
108 if (plid > 0) {
109 Layout layout = LayoutLocalServiceUtil.getLayout(plid);
110
111 groupId = layout.getGroupId();
112 name = PortletConstants.getRootPortletId(portletId);
113 primKey = getPrimaryKey(plid, portletId);
114
115 if ((layout.isPrivateLayout() &&
116 !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
117 (layout.isPublicLayout() &&
118 !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
119
120 if (actionId.equals(ActionKeys.CONFIGURATION)) {
121 Group group = GroupLocalServiceUtil.getGroup(
122 layout.getGroupId());
123
124 if (group.isUser()) {
125 return false;
126 }
127 }
128 }
129
130 if (!strict) {
131 if (LayoutPermissionUtil.contains(
132 permissionChecker, groupId, layout.isPrivateLayout(),
133 layout.getLayoutId(), ActionKeys.UPDATE) &&
134 hasLayoutManagerPermission(portletId, actionId)) {
135
136 return true;
137 }
138 }
139 }
140 else {
141 name = portletId;
142 primKey = portletId;
143 }
144
145 return permissionChecker.hasPermission(
146 groupId, name, primKey, actionId);
147 }
148
149 public boolean contains(
150 PermissionChecker permissionChecker, long plid, Portlet portlet,
151 String actionId)
152 throws PortalException, SystemException {
153
154 return contains(
155 permissionChecker, plid, portlet, actionId, DEFAULT_STRICT);
156 }
157
158 public boolean contains(
159 PermissionChecker permissionChecker, long plid, Portlet portlet,
160 String actionId, boolean strict)
161 throws PortalException, SystemException {
162
163 boolean value = contains(
164 permissionChecker, plid, portlet.getPortletId(), actionId, strict);
165
166 if (value) {
167 return true;
168 }
169 else {
170 if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
171 return true;
172 }
173 else {
174 return false;
175 }
176 }
177 }
178
179 public String getPrimaryKey(long plid, String portletId) {
180 StringBuilder sb = new StringBuilder();
181
182 sb.append(plid);
183 sb.append(PortletConstants.LAYOUT_SEPARATOR);
184 sb.append(portletId);
185
186 return sb.toString();
187 }
188
189 public boolean hasLayoutManagerPermission(
190 String portletId, String actionId) {
191
192 try {
193 return hasLayoutManagerPermissionImpl(portletId, actionId);
194 }
195 catch (Exception e) {
196 _log.error(e, e);
197
198 return false;
199 }
200 }
201
202 protected boolean hasLayoutManagerPermissionImpl(
203 String portletId, String actionId) {
204
205 portletId = PortletConstants.getRootPortletId(portletId);
206
207 List<String> layoutManagerActions =
208 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
209 portletId);
210
211 return layoutManagerActions.contains(actionId);
212 }
213
214 private static Log _log = LogFactory.getLog(PortletPermissionImpl.class);
215
216 }