1   /**
2    * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.impl;
24  
25  import com.liferay.portal.NoSuchResourceException;
26  import com.liferay.portal.PortalException;
27  import com.liferay.portal.ResourceActionsException;
28  import com.liferay.portal.SystemException;
29  import com.liferay.portal.model.Group;
30  import com.liferay.portal.model.Permission;
31  import com.liferay.portal.model.Resource;
32  import com.liferay.portal.model.ResourceCode;
33  import com.liferay.portal.model.ResourceConstants;
34  import com.liferay.portal.model.Role;
35  import com.liferay.portal.model.impl.GroupImpl;
36  import com.liferay.portal.model.impl.RoleImpl;
37  import com.liferay.portal.security.permission.PermissionsListFilter;
38  import com.liferay.portal.security.permission.PermissionsListFilterFactory;
39  import com.liferay.portal.security.permission.ResourceActionsUtil;
40  import com.liferay.portal.service.RoleLocalServiceUtil;
41  import com.liferay.portal.service.base.ResourceLocalServiceBaseImpl;
42  import com.liferay.portal.util.PropsValues;
43  import com.liferay.portal.util.RoleNames;
44  import com.liferay.portal.util.comparator.ResourceComparator;
45  
46  import java.util.List;
47  
48  import org.apache.commons.lang.time.StopWatch;
49  import org.apache.commons.logging.Log;
50  import org.apache.commons.logging.LogFactory;
51  
52  /**
53   * <a href="ResourceLocalServiceImpl.java.html"><b><i>View Source</i></b></a>
54   *
55   * @author Brian Wing Shun Chan
56   * @author Wilson S. Man
57   * @author Raymond Augé
58   *
59   */
60  public class ResourceLocalServiceImpl extends ResourceLocalServiceBaseImpl {
61  
62      public void addModelResources(
63              long companyId, long groupId, long userId, String name,
64              long primKey, String[] communityPermissions,
65              String[] guestPermissions)
66          throws PortalException, SystemException {
67  
68          addModelResources(
69              companyId, groupId, userId, name, String.valueOf(primKey),
70              communityPermissions, guestPermissions);
71      }
72  
73      public void addModelResources(
74              long companyId, long groupId, long userId, String name,
75              String primKey, String[] communityPermissions,
76              String[] guestPermissions)
77          throws PortalException, SystemException {
78  
79          validate(companyId, name, false);
80  
81          // Company
82  
83          addResource(
84              companyId, name, ResourceConstants.SCOPE_COMPANY,
85              String.valueOf(companyId));
86  
87          // Guest
88  
89          Group guestGroup = groupLocalService.getGroup(
90              companyId, GroupImpl.GUEST);
91  
92          addResource(
93              companyId, name, ResourceConstants.SCOPE_GROUP,
94              String.valueOf(guestGroup.getGroupId()));
95  
96          // Group
97  
98          if ((groupId > 0) && (guestGroup.getGroupId() != groupId)) {
99              addResource(
100                 companyId, name, ResourceConstants.SCOPE_GROUP,
101                 String.valueOf(groupId));
102         }
103 
104         if (primKey != null) {
105 
106             // Individual
107 
108             Resource resource = addResource(
109                 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
110 
111             long defaultUserId = userLocalService.getDefaultUserId(
112                 companyId);
113 
114             PermissionsListFilter permissionsListFilter =
115                 PermissionsListFilterFactory.getInstance();
116 
117             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM != 5) {
118 
119                 // Permissions
120 
121                 List<Permission> permissionsList =
122                     permissionLocalService.addPermissions(
123                         companyId, name, resource.getResourceId(), false);
124 
125                 // User permissions
126 
127                 if ((userId > 0) && (userId != defaultUserId)) {
128                     List<Permission> userPermissionsList =
129                         permissionsListFilter.filterUserPermissions(
130                             companyId, groupId, userId, name, primKey, false,
131                             permissionsList);
132 
133                     userPersistence.addPermissions(userId, userPermissionsList);
134                 }
135             }
136 
137             // Community permissions
138 
139             if (groupId > 0) {
140                 Group group = groupPersistence.findByPrimaryKey(groupId);
141 
142                 if (communityPermissions == null) {
143                     communityPermissions = new String[0];
144                 }
145 
146                 List<Permission> communityPermissionsList =
147                     permissionLocalService.getPermissions(
148                         companyId, communityPermissions,
149                         resource.getResourceId());
150 
151                 communityPermissionsList =
152                     permissionsListFilter.filterCommunityPermissions(
153                         companyId, groupId, userId, name, primKey, false,
154                         communityPermissionsList);
155 
156                 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
157                     Role role = null;
158 
159                     if (group.isCommunity()) {
160                         role = RoleLocalServiceUtil.getRole(
161                             companyId, RoleNames.COMMUNITY_MEMBER);
162                     }
163                     else if (group.isOrganization()) {
164                         role = RoleLocalServiceUtil.getRole(
165                             companyId, RoleNames.ORGANIZATION_MEMBER);
166                     }
167                     else if (group.isUser() || group.isUserGroup()) {
168                         role = RoleLocalServiceUtil.getRole(
169                             companyId, RoleNames.POWER_USER);
170                     }
171 
172                     rolePersistence.addPermissions(
173                         role.getRoleId(), communityPermissionsList);
174                 }
175                 else {
176                     groupPersistence.addPermissions(
177                         groupId, communityPermissionsList);
178                 }
179             }
180 
181             // Guest permissions
182 
183             if (guestPermissions == null) {
184                 guestPermissions = new String[0];
185             }
186 
187             List<Permission> guestPermissionsList =
188                 permissionLocalService.getPermissions(
189                     companyId, guestPermissions, resource.getResourceId());
190 
191             guestPermissionsList = permissionsListFilter.filterGuestPermissions(
192                 companyId, groupId, userId, name, primKey, false,
193                 guestPermissionsList);
194 
195             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
196                 Role guestRole = RoleLocalServiceUtil.getRole(
197                     companyId, RoleImpl.GUEST);
198 
199                 rolePersistence.addPermissions(
200                     guestRole.getRoleId(), guestPermissionsList);
201             }
202             else {
203                 userPersistence.addPermissions(
204                     defaultUserId, guestPermissionsList);
205             }
206         }
207     }
208 
209     public Resource addResource(
210             long companyId, String name, int scope, String primKey)
211         throws SystemException {
212 
213         ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
214             companyId, name, scope);
215 
216         Resource resource = resourcePersistence.fetchByC_P(
217             resourceCode.getCodeId(), primKey);
218 
219         if (resource == null) {
220             long resourceId = counterLocalService.increment(
221                 Resource.class.getName());
222 
223             resource = resourcePersistence.create(resourceId);
224 
225             resource.setCodeId(resourceCode.getCodeId());
226             resource.setPrimKey(primKey);
227 
228             resourcePersistence.update(resource, false);
229         }
230 
231         return resource;
232     }
233 
234     public void addResources(
235             long companyId, long groupId, String name, boolean portletActions)
236         throws PortalException, SystemException {
237 
238         addResources(
239             companyId, groupId, 0, name, null, portletActions, false, false);
240     }
241 
242     public void addResources(
243             long companyId, long groupId, long userId, String name,
244             long primKey, boolean portletActions,
245             boolean addCommunityPermissions, boolean addGuestPermissions)
246         throws PortalException, SystemException {
247 
248         addResources(
249             companyId, groupId, userId, name, String.valueOf(primKey),
250             portletActions, addCommunityPermissions, addGuestPermissions);
251     }
252 
253     public void addResources(
254             long companyId, long groupId, long userId, String name,
255             String primKey, boolean portletActions,
256             boolean addCommunityPermissions, boolean addGuestPermissions)
257         throws PortalException, SystemException {
258 
259         StopWatch stopWatch = null;
260 
261         if (_log.isDebugEnabled()) {
262             stopWatch = new StopWatch();
263 
264             stopWatch.start();
265         }
266 
267         validate(companyId, name, portletActions);
268 
269         logAddResources(name, primKey, stopWatch, 1);
270 
271         // Company
272 
273         addResource(
274             companyId, name, ResourceConstants.SCOPE_COMPANY,
275             String.valueOf(companyId));
276 
277         logAddResources(name, primKey, stopWatch, 2);
278 
279         if (groupId > 0) {
280             addResource(
281                 companyId, name, ResourceConstants.SCOPE_GROUP,
282                 String.valueOf(groupId));
283         }
284 
285         logAddResources(name, primKey, stopWatch, 3);
286 
287         if (primKey != null) {
288 
289             // Individual
290 
291             Resource resource = addResource(
292                 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
293 
294             logAddResources(name, primKey, stopWatch, 4);
295 
296             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM != 5) {
297 
298                 // Permissions
299 
300                 List<Permission> permissionsList =
301                     permissionLocalService.addPermissions(
302                         companyId, name, resource.getResourceId(),
303                         portletActions);
304 
305                 logAddResources(name, primKey, stopWatch, 5);
306 
307                 // User permissions
308 
309                 long defaultUserId = userLocalService.getDefaultUserId(
310                     companyId);
311 
312                 PermissionsListFilter permissionsListFilter =
313                     PermissionsListFilterFactory.getInstance();
314 
315                 if ((userId > 0) && (userId != defaultUserId)) {
316                     List<Permission> userPermissionsList =
317                         permissionsListFilter.filterUserPermissions(
318                             companyId, groupId, userId, name, primKey,
319                             portletActions, permissionsList);
320 
321                     userPersistence.addPermissions(userId, userPermissionsList);
322                 }
323             }
324 
325             logAddResources(name, primKey, stopWatch, 6);
326 
327             // Community permissions
328 
329             if ((groupId > 0) && addCommunityPermissions) {
330                 addCommunityPermissions(
331                     companyId, groupId, userId, name, resource, portletActions);
332             }
333 
334             logAddResources(name, primKey, stopWatch, 7);
335 
336             // Guest permissions
337 
338             if (addGuestPermissions) {
339 
340                 // Don't add guest permissions when you've already added
341                 // community permissions and the given community is the guest
342                 // community.
343 
344                 addGuestPermissions(
345                     companyId, groupId, userId, name, resource, portletActions);
346             }
347 
348             logAddResources(name, primKey, stopWatch, 8);
349         }
350     }
351 
352     public void deleteResource(long resourceId) throws SystemException {
353         try {
354             Resource resource = resourcePersistence.findByPrimaryKey(
355                 resourceId);
356 
357             deleteResource(resource);
358         }
359         catch (NoSuchResourceException nsre) {
360             _log.warn(nsre);
361         }
362     }
363 
364     public void deleteResource(Resource resource) throws SystemException {
365 
366         // Permissions
367 
368         List<Permission> permissions = permissionPersistence.findByResourceId(
369             resource.getResourceId());
370 
371         for (Permission permission : permissions) {
372             orgGroupPermissionPersistence.removeByPermissionId(
373                 permission.getPermissionId());
374         }
375 
376         permissionPersistence.removeByResourceId(resource.getResourceId());
377 
378         // Resource
379 
380         resourcePersistence.remove(resource);
381     }
382 
383     public void deleteResource(
384             long companyId, String name, int scope, long primKey)
385         throws PortalException, SystemException {
386 
387         deleteResource(companyId, name, scope, String.valueOf(primKey));
388     }
389 
390     public void deleteResource(
391             long companyId, String name, int scope, String primKey)
392         throws PortalException, SystemException {
393 
394         try {
395             Resource resource = getResource(companyId, name, scope, primKey);
396 
397             deleteResource(resource.getResourceId());
398         }
399         catch (NoSuchResourceException nsre) {
400             _log.warn(nsre);
401         }
402     }
403 
404     public void deleteResources(String name) throws SystemException {
405         List<Resource> resources = resourceFinder.findByName(name);
406 
407         for (Resource resource : resources) {
408             deleteResource(resource);
409         }
410     }
411 
412     public long getLatestResourceId() throws SystemException {
413         List<Resource> resources = resourcePersistence.findAll(
414             0, 1, new ResourceComparator());
415 
416         if (resources.size() == 0) {
417             return 0;
418         }
419         else {
420             Resource resource = resources.get(0);
421 
422             return resource.getResourceId();
423         }
424     }
425 
426     public Resource getResource(long resourceId)
427         throws PortalException, SystemException {
428 
429         return resourcePersistence.findByPrimaryKey(resourceId);
430     }
431 
432     public List<Resource> getResources() throws SystemException {
433         return resourcePersistence.findAll();
434     }
435 
436     public Resource getResource(
437             long companyId, String name, int scope, String primKey)
438         throws PortalException, SystemException {
439 
440         ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
441             companyId, name, scope);
442 
443         return resourcePersistence.findByC_P(resourceCode.getCodeId(), primKey);
444     }
445 
446     protected void addCommunityPermissions(
447             long companyId, long groupId, long userId, String name,
448             Resource resource, boolean portletActions)
449         throws PortalException, SystemException {
450 
451         StopWatch stopWatch = null;
452 
453         if (_log.isDebugEnabled()) {
454             stopWatch = new StopWatch();
455 
456             stopWatch.start();
457         }
458 
459         Group group = groupPersistence.findByPrimaryKey(groupId);
460 
461         long resourceId = resource.getResourceId();
462         String primKey = resource.getPrimKey();
463 
464         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 1);
465 
466         List<String> actions = null;
467 
468         if (portletActions) {
469             actions =
470                 ResourceActionsUtil.getPortletResourceCommunityDefaultActions(
471                     name);
472         }
473         else {
474             actions =
475                 ResourceActionsUtil.getModelResourceCommunityDefaultActions(
476                     name);
477         }
478 
479         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 2);
480 
481         String[] actionIds = actions.toArray(new String[actions.size()]);
482 
483         List<Permission> communityPermissionsList =
484             permissionLocalService.getPermissions(
485                 group.getCompanyId(), actionIds, resourceId);
486 
487         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 3);
488 
489         PermissionsListFilter permissionsListFilter =
490             PermissionsListFilterFactory.getInstance();
491 
492         communityPermissionsList =
493             permissionsListFilter.filterCommunityPermissions(
494                 companyId, groupId, userId, name, primKey, portletActions,
495                 communityPermissionsList);
496 
497         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 4);
498 
499         if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
500             Role role = null;
501 
502             if (group.isCommunity()) {
503                 role = RoleLocalServiceUtil.getRole(
504                     companyId, RoleNames.COMMUNITY_MEMBER);
505             }
506             else if (group.isOrganization()) {
507                 role = RoleLocalServiceUtil.getRole(
508                     companyId, RoleNames.ORGANIZATION_MEMBER);
509             }
510             else if (group.isUser() || group.isUserGroup()) {
511                 role = RoleLocalServiceUtil.getRole(
512                     companyId, RoleNames.POWER_USER);
513             }
514 
515             rolePersistence.addPermissions(
516                 role.getRoleId(), communityPermissionsList);
517         }
518         else {
519             groupPersistence.addPermissions(groupId, communityPermissionsList);
520         }
521 
522         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 5);
523     }
524 
525     protected void addGuestPermissions(
526             long companyId, long groupId, long userId, String name,
527             Resource resource, boolean portletActions)
528         throws PortalException, SystemException {
529 
530         List<String> actions = null;
531 
532         if (portletActions) {
533             actions = ResourceActionsUtil.getPortletResourceGuestDefaultActions(
534                 name);
535         }
536         else {
537             actions = ResourceActionsUtil.getModelResourceGuestDefaultActions(
538                 name);
539         }
540 
541         String[] actionIds = actions.toArray(new String[actions.size()]);
542 
543         List<Permission> guestPermissionsList =
544             permissionLocalService.getPermissions(
545                 companyId, actionIds, resource.getResourceId());
546 
547         PermissionsListFilter permissionsListFilter =
548             PermissionsListFilterFactory.getInstance();
549 
550         guestPermissionsList =
551             permissionsListFilter.filterGuestPermissions(
552                 companyId, groupId, userId, name, resource.getPrimKey(),
553                 portletActions, guestPermissionsList);
554 
555         if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
556             Role guestRole = RoleLocalServiceUtil.getRole(
557                 companyId, RoleImpl.GUEST);
558 
559             rolePersistence.addPermissions(
560                 guestRole.getRoleId(), guestPermissionsList);
561         }
562         else {
563             long defaultUserId = userLocalService.getDefaultUserId(companyId);
564 
565             userPersistence.addPermissions(defaultUserId, guestPermissionsList);
566         }
567     }
568 
569     protected void logAddCommunityPermissions(
570         long groupId, String name, long resourceId, StopWatch stopWatch,
571         int block) {
572 
573         if (!_log.isDebugEnabled()) {
574             return;
575         }
576 
577         _log.debug(
578             "Adding community permissions block " + block + " for " + groupId +
579                 " " + name + " " + resourceId + " takes " +
580                     stopWatch.getTime() + " ms");
581     }
582 
583     protected void logAddResources(
584         String name, String primKey, StopWatch stopWatch, int block) {
585 
586         if (!_log.isDebugEnabled()) {
587             return;
588         }
589 
590         _log.debug(
591             "Adding resources block " + block + " for " + name + " " + primKey +
592                 " takes " + stopWatch.getTime() + " ms");
593     }
594 
595     protected void validate(
596             long companyId, String name, boolean portletActions)
597         throws PortalException, SystemException {
598 
599         List<String> actions = null;
600 
601         if (portletActions) {
602             actions = ResourceActionsUtil.getPortletResourceActions(
603                 companyId, name);
604         }
605         else {
606             actions = ResourceActionsUtil.getModelResourceActions(name);
607         }
608 
609         if (actions.size() == 0) {
610             throw new ResourceActionsException(
611                 "There are no actions associated with the resource " + name);
612         }
613     }
614 
615     private static Log _log = LogFactory.getLog(ResourceLocalServiceImpl.class);
616 
617 }