1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portal.service.permission;
16  
17  import com.liferay.portal.kernel.exception.PortalException;
18  import com.liferay.portal.kernel.exception.SystemException;
19  import com.liferay.portal.kernel.log.Log;
20  import com.liferay.portal.kernel.log.LogFactoryUtil;
21  import com.liferay.portal.model.Group;
22  import com.liferay.portal.model.GroupConstants;
23  import com.liferay.portal.model.Layout;
24  import com.liferay.portal.model.Portlet;
25  import com.liferay.portal.model.PortletConstants;
26  import com.liferay.portal.security.auth.PrincipalException;
27  import com.liferay.portal.security.permission.ActionKeys;
28  import com.liferay.portal.security.permission.PermissionChecker;
29  import com.liferay.portal.security.permission.ResourceActionsUtil;
30  import com.liferay.portal.service.GroupLocalServiceUtil;
31  import com.liferay.portal.service.LayoutLocalServiceUtil;
32  import com.liferay.portal.util.PropsValues;
33  
34  import java.util.List;
35  
36  /**
37   * <a href="PortletPermissionImpl.java.html"><b><i>View Source</i></b></a>
38   *
39   * @author Brian Wing Shun Chan
40   */
41  public class PortletPermissionImpl implements PortletPermission {
42  
43      public static final boolean DEFAULT_STRICT = false;
44  
45      public void check(
46              PermissionChecker permissionChecker, long plid, String portletId,
47              String actionId)
48          throws PortalException, SystemException {
49  
50          check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
51      }
52  
53      public void check(
54              PermissionChecker permissionChecker, long plid, String portletId,
55              String actionId, boolean strict)
56          throws PortalException, SystemException {
57  
58          if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
59              throw new PrincipalException();
60          }
61      }
62  
63      public void check(
64              PermissionChecker permissionChecker, String portletId,
65              String actionId)
66          throws PortalException, SystemException {
67  
68          if (!contains(permissionChecker, portletId, actionId)) {
69              throw new PrincipalException();
70          }
71      }
72  
73      public boolean contains(
74              PermissionChecker permissionChecker, long plid, Portlet portlet,
75              String actionId)
76          throws PortalException, SystemException {
77  
78          return contains(
79              permissionChecker, plid, portlet, actionId, DEFAULT_STRICT);
80      }
81  
82      public boolean contains(
83              PermissionChecker permissionChecker, long plid, Portlet portlet,
84              String actionId, boolean strict)
85          throws PortalException, SystemException {
86  
87          if (portlet.isUndeployedPortlet()) {
88              return false;
89          }
90  
91          boolean value = contains(
92              permissionChecker, plid, portlet.getPortletId(), actionId, strict);
93  
94          if (value) {
95              return true;
96          }
97          else {
98              if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
99                  return true;
100             }
101             else {
102                 return false;
103             }
104         }
105     }
106 
107     public boolean contains(
108             PermissionChecker permissionChecker, long plid, String portletId,
109             String actionId)
110         throws PortalException, SystemException {
111 
112         return contains(
113             permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
114     }
115 
116     public boolean contains(
117             PermissionChecker permissionChecker, long plid, String portletId,
118             String actionId, boolean strict)
119         throws PortalException, SystemException {
120 
121         long groupId = 0;
122         String name = null;
123         String primKey = null;
124 
125         if (plid > 0) {
126             Layout layout = LayoutLocalServiceUtil.getLayout(plid);
127 
128             groupId = layout.getGroupId();
129             name = PortletConstants.getRootPortletId(portletId);
130             primKey = getPrimaryKey(plid, portletId);
131 
132             if ((layout.isPrivateLayout() &&
133                  !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
134                 (layout.isPublicLayout() &&
135                  !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
136 
137                 if (actionId.equals(ActionKeys.CONFIGURATION)) {
138                     Group group = GroupLocalServiceUtil.getGroup(
139                         layout.getGroupId());
140 
141                     if (group.isUser()) {
142                         return false;
143                     }
144                 }
145             }
146 
147             if (actionId.equals(ActionKeys.VIEW)) {
148                 Group group = GroupLocalServiceUtil.getGroup(
149                     layout.getGroupId());
150 
151                 if (group.getName().equals(GroupConstants.CONTROL_PANEL)) {
152                     return true;
153                 }
154             }
155 
156             if (!strict) {
157                 if (LayoutPermissionUtil.contains(
158                         permissionChecker, groupId, layout.isPrivateLayout(),
159                         layout.getLayoutId(), ActionKeys.UPDATE) &&
160                     hasLayoutManagerPermission(portletId, actionId)) {
161 
162                     return true;
163                 }
164             }
165         }
166         else {
167             name = portletId;
168             primKey = portletId;
169         }
170 
171         return permissionChecker.hasPermission(
172             groupId, name, primKey, actionId);
173     }
174 
175     public boolean contains(
176             PermissionChecker permissionChecker, String portletId,
177             String actionId)
178         throws PortalException, SystemException {
179 
180         return contains(permissionChecker, 0, portletId, actionId);
181     }
182 
183     public String getPrimaryKey(long plid, String portletId) {
184         return String.valueOf(plid).concat(
185             PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
186     }
187 
188     public boolean hasLayoutManagerPermission(
189         String portletId, String actionId) {
190 
191         try {
192             return hasLayoutManagerPermissionImpl(portletId, actionId);
193         }
194         catch (Exception e) {
195             _log.error(e, e);
196 
197             return false;
198         }
199     }
200 
201     protected boolean hasLayoutManagerPermissionImpl(
202         String portletId, String actionId) {
203 
204         portletId = PortletConstants.getRootPortletId(portletId);
205 
206         List<String> layoutManagerActions =
207             ResourceActionsUtil.getPortletResourceLayoutManagerActions(
208                 portletId);
209 
210         return layoutManagerActions.contains(actionId);
211     }
212 
213     private static Log _log = LogFactoryUtil.getLog(
214         PortletPermissionImpl.class);
215 
216 }