1
14
15 package com.liferay.portlet.portletconfiguration.action;
16
17 import com.liferay.portal.kernel.servlet.SessionErrors;
18 import com.liferay.portal.kernel.servlet.SessionMessages;
19 import com.liferay.portal.kernel.util.Constants;
20 import com.liferay.portal.kernel.util.ParamUtil;
21 import com.liferay.portal.kernel.util.StringUtil;
22 import com.liferay.portal.kernel.util.Validator;
23 import com.liferay.portal.model.Layout;
24 import com.liferay.portal.model.Organization;
25 import com.liferay.portal.model.Portlet;
26 import com.liferay.portal.model.PortletConstants;
27 import com.liferay.portal.model.Resource;
28 import com.liferay.portal.model.UserGroup;
29 import com.liferay.portal.security.auth.PrincipalException;
30 import com.liferay.portal.service.PermissionServiceUtil;
31 import com.liferay.portal.service.PortletLocalServiceUtil;
32 import com.liferay.portal.service.ResourceLocalServiceUtil;
33 import com.liferay.portal.service.ResourcePermissionServiceUtil;
34 import com.liferay.portal.servlet.filters.cache.CacheUtil;
35 import com.liferay.portal.theme.ThemeDisplay;
36 import com.liferay.portal.util.PropsValues;
37 import com.liferay.portal.util.WebKeys;
38
39 import java.util.ArrayList;
40 import java.util.Enumeration;
41 import java.util.List;
42
43 import javax.portlet.ActionRequest;
44 import javax.portlet.ActionResponse;
45 import javax.portlet.PortletConfig;
46 import javax.portlet.RenderRequest;
47 import javax.portlet.RenderResponse;
48
49 import org.apache.struts.action.ActionForm;
50 import org.apache.struts.action.ActionForward;
51 import org.apache.struts.action.ActionMapping;
52
53
58 public class EditPermissionsAction extends EditConfigurationAction {
59
60 public void processAction(
61 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
62 ActionRequest actionRequest, ActionResponse actionResponse)
63 throws Exception {
64
65 String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
66
67 try {
68 if (cmd.equals("group_permissions")) {
69 updateGroupPermissions(actionRequest);
70 }
71 else if (cmd.equals("guest_permissions")) {
72 updateGuestPermissions(actionRequest);
73 }
74 else if (cmd.equals("organization_permissions")) {
75 updateOrganizationPermissions(actionRequest);
76 }
77 else if (cmd.equals("role_permissions")) {
78 updateRolePermissions(actionRequest);
79 }
80 else if (cmd.equals("user_group_permissions")) {
81 updateUserGroupPermissions(actionRequest);
82 }
83 else if (cmd.equals("user_permissions")) {
84 updateUserPermissions(actionRequest);
85 }
86
87 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 5) {
88 String redirect = ParamUtil.getString(
89 actionRequest, "permissionsRedirect");
90
91 sendRedirect(actionRequest, actionResponse, redirect);
92 }
93 else {
94 SessionMessages.add(actionRequest, "request_processed");
95 }
96 }
97 catch (Exception e) {
98 if (e instanceof PrincipalException) {
99 SessionErrors.add(actionRequest, e.getClass().getName());
100
101 setForward(
102 actionRequest, "portlet.portlet_configuration.error");
103 }
104 else {
105 throw e;
106 }
107 }
108 }
109
110 public ActionForward render(
111 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
112 RenderRequest renderRequest, RenderResponse renderResponse)
113 throws Exception {
114
115 ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
116 WebKeys.THEME_DISPLAY);
117
118 long groupId = themeDisplay.getScopeGroupId();
119
120 String portletResource = ParamUtil.getString(
121 renderRequest, "portletResource");
122 String modelResource = ParamUtil.getString(
123 renderRequest, "modelResource");
124 String resourcePrimKey = ParamUtil.getString(
125 renderRequest, "resourcePrimKey");
126
127 String selResource = portletResource;
128
129 if (Validator.isNotNull(modelResource)) {
130 selResource = modelResource;
131 }
132
133 try {
134 PermissionServiceUtil.checkPermission(
135 groupId, selResource, resourcePrimKey);
136 }
137 catch (PrincipalException pe) {
138 SessionErrors.add(
139 renderRequest, PrincipalException.class.getName());
140
141 setForward(renderRequest, "portlet.portlet_configuration.error");
142 }
143
144 Portlet portlet = PortletLocalServiceUtil.getPortletById(
145 themeDisplay.getCompanyId(), portletResource);
146
147 if (portlet != null) {
148 renderResponse.setTitle(getTitle(portlet, renderRequest));
149 }
150
151 return mapping.findForward(getForward(
152 renderRequest, "portlet.portlet_configuration.edit_permissions"));
153 }
154
155 protected String[] getActionIds(ActionRequest actionRequest, long roleId) {
156 List<String> actionIds = new ArrayList<String>();
157
158 Enumeration<String> enu = actionRequest.getParameterNames();
159
160 while (enu.hasMoreElements()) {
161 String name = enu.nextElement();
162
163 if (name.startsWith(roleId + "_ACTION_")) {
164 int pos = name.indexOf("_ACTION_");
165
166 String actionId = name.substring(pos + 8);
167
168 actionIds.add(actionId);
169 }
170 }
171
172 return actionIds.toArray(new String[actionIds.size()]);
173 }
174
175 protected void updateGroupPermissions(ActionRequest actionRequest)
176 throws Exception {
177
178 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
179
180 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
181 long groupId = ParamUtil.getLong(actionRequest, "groupId");
182 String[] actionIds = StringUtil.split(
183 ParamUtil.getString(actionRequest, "groupIdActionIds"));
184
185 PermissionServiceUtil.setGroupPermissions(
186 groupId, actionIds, resourceId);
187
188 if (!layout.isPrivateLayout()) {
189 Resource resource =
190 ResourceLocalServiceUtil.getResource(resourceId);
191
192 if (resource.getPrimKey().startsWith(
193 layout.getPlid() + PortletConstants.LAYOUT_SEPARATOR)) {
194
195 CacheUtil.clearCache(layout.getCompanyId());
196 }
197 }
198 }
199
200 protected void updateGuestPermissions(ActionRequest actionRequest)
201 throws Exception {
202
203 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
204 WebKeys.THEME_DISPLAY);
205
206 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
207 String[] actionIds = StringUtil.split(
208 ParamUtil.getString(actionRequest, "guestActionIds"));
209
210 PermissionServiceUtil.setUserPermissions(
211 themeDisplay.getDefaultUserId(), themeDisplay.getScopeGroupId(),
212 actionIds, resourceId);
213 }
214
215 protected void updateOrganizationPermissions(ActionRequest actionRequest)
216 throws Exception {
217
218 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
219 WebKeys.THEME_DISPLAY);
220
221 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
222 long organizationId = ParamUtil.getLong(
223 actionRequest, "organizationIdsPosValue");
224 String[] actionIds = StringUtil.split(
225 ParamUtil.getString(actionRequest, "organizationIdActionIds"));
226
229 PermissionServiceUtil.setGroupPermissions(
231 Organization.class.getName(), String.valueOf(organizationId),
232 themeDisplay.getScopeGroupId(), actionIds, resourceId);
233
238 }
239
240 protected void updateRolePermissions(ActionRequest actionRequest)
241 throws Exception {
242
243 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
244 updateRolePermissions_5(actionRequest);
245 }
246 else if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
247 updateRolePermissions_6(actionRequest);
248 }
249 else {
250 updateRolePermissions_1to4(actionRequest);
251 }
252 }
253
254 protected void updateRolePermissions_1to4(ActionRequest actionRequest)
255 throws Exception {
256
257 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
258 WebKeys.THEME_DISPLAY);
259
260 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
261 long roleId = ParamUtil.getLong(actionRequest, "roleIdsPosValue");
262 String[] actionIds = StringUtil.split(
263 ParamUtil.getString(actionRequest, "roleIdActionIds"));
264
265 PermissionServiceUtil.setRolePermissions(
266 roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
267 }
268
269 protected void updateRolePermissions_5(ActionRequest actionRequest)
270 throws Exception {
271
272 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
273 WebKeys.THEME_DISPLAY);
274
275 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
276 long[] roleIds = StringUtil.split(
277 ParamUtil.getString(
278 actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
279
280 for (long roleId : roleIds) {
281 String[] actionIds = getActionIds(actionRequest, roleId);
282
283 PermissionServiceUtil.setRolePermissions(
284 roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
285 }
286 }
287
288 protected void updateRolePermissions_6(ActionRequest actionRequest)
289 throws Exception {
290
291 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
292 WebKeys.THEME_DISPLAY);
293
294 String portletResource = ParamUtil.getString(
295 actionRequest, "portletResource");
296 String modelResource = ParamUtil.getString(
297 actionRequest, "modelResource");
298 long[] roleIds = StringUtil.split(
299 ParamUtil.getString(
300 actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
301
302 String selResource = portletResource;
303
304 if (Validator.isNotNull(modelResource)) {
305 selResource = modelResource;
306 }
307
308 String resourcePrimKey = ParamUtil.getString(
309 actionRequest, "resourcePrimKey");
310
311 for (long roleId : roleIds) {
312 String[] actionIds = getActionIds(actionRequest, roleId);
313
314 ResourcePermissionServiceUtil.setIndividualResourcePermissions(
315 themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(),
316 selResource, resourcePrimKey, roleId, actionIds);
317 }
318 }
319
320 protected void updateUserGroupPermissions(ActionRequest actionRequest)
321 throws Exception {
322
323 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
324 WebKeys.THEME_DISPLAY);
325
326 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
327 long userGroupId = ParamUtil.getLong(
328 actionRequest, "userGroupIdsPosValue");
329 String[] actionIds = StringUtil.split(
330 ParamUtil.getString(actionRequest, "userGroupIdActionIds"));
331
332 PermissionServiceUtil.setGroupPermissions(
333 UserGroup.class.getName(), String.valueOf(userGroupId),
334 themeDisplay.getScopeGroupId(), actionIds, resourceId);
335 }
336
337 protected void updateUserPermissions(ActionRequest actionRequest)
338 throws Exception {
339
340 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
341 WebKeys.THEME_DISPLAY);
342
343 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
344 long userId = ParamUtil.getLong(actionRequest, "userIdsPosValue");
345 String[] actionIds = StringUtil.split(
346 ParamUtil.getString(actionRequest, "userIdActionIds"));
347
348 PermissionServiceUtil.setUserPermissions(
349 userId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
350 }
351
352 }