1
22
23 package com.liferay.portal.service.impl;
24
25 import com.liferay.portal.PortalException;
26 import com.liferay.portal.SystemException;
27 import com.liferay.portal.kernel.util.GetterUtil;
28 import com.liferay.portal.model.Group;
29 import com.liferay.portal.model.Layout;
30 import com.liferay.portal.model.PortletConstants;
31 import com.liferay.portal.model.Resource;
32 import com.liferay.portal.model.Role;
33 import com.liferay.portal.model.User;
34 import com.liferay.portal.security.auth.PrincipalException;
35 import com.liferay.portal.security.permission.ActionKeys;
36 import com.liferay.portal.security.permission.PermissionChecker;
37 import com.liferay.portal.security.permission.PermissionCheckerBag;
38 import com.liferay.portal.service.base.PermissionServiceBaseImpl;
39 import com.liferay.portal.service.permission.GroupPermissionUtil;
40 import com.liferay.portal.service.permission.PortletPermissionUtil;
41 import com.liferay.portal.service.permission.UserPermissionUtil;
42 import com.liferay.portlet.blogs.model.BlogsEntry;
43 import com.liferay.portlet.blogs.service.permission.BlogsEntryPermission;
44 import com.liferay.portlet.bookmarks.model.BookmarksFolder;
45 import com.liferay.portlet.bookmarks.service.permission.BookmarksFolderPermission;
46 import com.liferay.portlet.calendar.model.CalEvent;
47 import com.liferay.portlet.calendar.service.permission.CalEventPermission;
48 import com.liferay.portlet.documentlibrary.model.DLFolder;
49 import com.liferay.portlet.documentlibrary.service.permission.DLFolderPermission;
50 import com.liferay.portlet.imagegallery.model.IGFolder;
51 import com.liferay.portlet.imagegallery.service.permission.IGFolderPermission;
52 import com.liferay.portlet.journal.model.JournalArticle;
53 import com.liferay.portlet.journal.model.JournalFeed;
54 import com.liferay.portlet.journal.model.JournalStructure;
55 import com.liferay.portlet.journal.model.JournalTemplate;
56 import com.liferay.portlet.journal.service.permission.JournalArticlePermission;
57 import com.liferay.portlet.journal.service.permission.JournalFeedPermission;
58 import com.liferay.portlet.journal.service.permission.JournalStructurePermission;
59 import com.liferay.portlet.journal.service.permission.JournalTemplatePermission;
60 import com.liferay.portlet.messageboards.model.MBCategory;
61 import com.liferay.portlet.messageboards.service.permission.MBCategoryPermission;
62 import com.liferay.portlet.polls.model.PollsQuestion;
63 import com.liferay.portlet.polls.service.permission.PollsQuestionPermission;
64 import com.liferay.portlet.shopping.model.ShoppingCategory;
65 import com.liferay.portlet.shopping.model.ShoppingItem;
66 import com.liferay.portlet.shopping.service.permission.ShoppingCategoryPermission;
67 import com.liferay.portlet.shopping.service.permission.ShoppingItemPermission;
68 import com.liferay.portlet.softwarecatalog.model.SCFrameworkVersion;
69 import com.liferay.portlet.softwarecatalog.model.SCProductEntry;
70 import com.liferay.portlet.softwarecatalog.service.permission.SCFrameworkVersionPermission;
71 import com.liferay.portlet.softwarecatalog.service.permission.SCProductEntryPermission;
72 import com.liferay.portlet.wiki.model.WikiNode;
73 import com.liferay.portlet.wiki.service.permission.WikiNodePermission;
74
75
82 public class PermissionServiceImpl extends PermissionServiceBaseImpl {
83
84 public void checkPermission(long groupId, String name, String primKey)
85 throws PortalException, SystemException {
86
87 checkPermission(getPermissionChecker(), groupId, name, primKey);
88 }
89
90 public boolean hasGroupPermission(
91 long groupId, String actionId, long resourceId)
92 throws SystemException {
93
94 return permissionLocalService.hasGroupPermission(
95 groupId, actionId, resourceId);
96 }
97
98 public boolean hasUserPermission(
99 long userId, String actionId, long resourceId)
100 throws SystemException {
101
102 return permissionLocalService.hasUserPermission(
103 userId, actionId, resourceId);
104 }
105
106 public boolean hasUserPermissions(
107 long userId, long groupId, String actionId, long[] resourceIds,
108 PermissionCheckerBag permissionCheckerBag)
109 throws SystemException {
110
111 return permissionLocalService.hasUserPermissions(
112 userId, groupId, actionId, resourceIds, permissionCheckerBag);
113 }
114
115 public void setGroupPermissions(
116 long groupId, String[] actionIds, long resourceId)
117 throws PortalException, SystemException {
118
119 checkPermission(getPermissionChecker(), groupId, resourceId);
120
121 permissionLocalService.setGroupPermissions(
122 groupId, actionIds, resourceId);
123 }
124
125 public void setGroupPermissions(
126 String className, String classPK, long groupId,
127 String[] actionIds, long resourceId)
128 throws PortalException, SystemException {
129
130 checkPermission(getPermissionChecker(), groupId, resourceId);
131
132 permissionLocalService.setGroupPermissions(
133 className, classPK, groupId, actionIds, resourceId);
134 }
135
136 public void setOrgGroupPermissions(
137 long organizationId, long groupId, String[] actionIds,
138 long resourceId)
139 throws PortalException, SystemException {
140
141 checkPermission(getPermissionChecker(), groupId, resourceId);
142
143 permissionLocalService.setOrgGroupPermissions(
144 organizationId, groupId, actionIds, resourceId);
145 }
146
147 public void setRolePermission(
148 long roleId, long groupId, String name, int scope, String primKey,
149 String actionId)
150 throws PortalException, SystemException {
151
152 checkPermission(
153 getPermissionChecker(), groupId, Role.class.getName(), roleId);
154
155 permissionLocalService.setRolePermission(
156 roleId, getUser().getCompanyId(), name, scope, primKey, actionId);
157 }
158
159 public void setRolePermissions(
160 long roleId, long groupId, String[] actionIds, long resourceId)
161 throws PortalException, SystemException {
162
163 checkPermission(getPermissionChecker(), groupId, resourceId);
164
165 permissionLocalService.setRolePermissions(
166 roleId, actionIds, resourceId);
167 }
168
169 public void setUserPermissions(
170 long userId, long groupId, String[] actionIds, long resourceId)
171 throws PortalException, SystemException {
172
173 checkPermission(getPermissionChecker(), groupId, resourceId);
174
175 permissionLocalService.setUserPermissions(
176 userId, actionIds, resourceId);
177 }
178
179 public void unsetRolePermission(
180 long roleId, long groupId, long permissionId)
181 throws SystemException, PortalException {
182
183 checkPermission(
184 getPermissionChecker(), groupId, Role.class.getName(), roleId);
185
186 permissionLocalService.unsetRolePermission(roleId, permissionId);
187 }
188
189 public void unsetRolePermission(
190 long roleId, long groupId, String name, int scope, String primKey,
191 String actionId)
192 throws PortalException, SystemException {
193
194 checkPermission(
195 getPermissionChecker(), groupId, Role.class.getName(), roleId);
196
197 permissionLocalService.unsetRolePermission(
198 roleId, getUser().getCompanyId(), name, scope, primKey, actionId);
199 }
200
201 public void unsetRolePermissions(
202 long roleId, long groupId, String name, int scope, String actionId)
203 throws PortalException, SystemException {
204
205 checkPermission(
206 getPermissionChecker(), groupId, Role.class.getName(), roleId);
207
208 permissionLocalService.unsetRolePermissions(
209 roleId, getUser().getCompanyId(), name, scope, actionId);
210 }
211
212 public void unsetUserPermissions(
213 long userId, long groupId, String[] actionIds, long resourceId)
214 throws PortalException, SystemException {
215
216 checkPermission(getPermissionChecker(), groupId, resourceId);
217
218 permissionLocalService.unsetUserPermissions(
219 userId, actionIds, resourceId);
220 }
221
222 protected void checkPermission(
223 PermissionChecker permissionChecker, long groupId,
224 long resourceId)
225 throws PortalException, SystemException {
226
227 Resource resource = resourcePersistence.findByPrimaryKey(resourceId);
228
229 checkPermission(
230 permissionChecker, groupId, resource.getName(),
231 resource.getPrimKey().toString());
232 }
233
234 protected void checkPermission(
235 PermissionChecker permissionChecker, long groupId, String name,
236 long primKey)
237 throws PortalException, SystemException {
238
239 checkPermission(
240 permissionChecker, groupId, name, String.valueOf(primKey));
241 }
242
243 protected void checkPermission(
244 PermissionChecker permissionChecker, long groupId, String name,
245 String primKey)
246 throws PortalException, SystemException {
247
248 if (name.equals(BlogsEntry.class.getName())) {
249 BlogsEntryPermission.check(
250 permissionChecker, GetterUtil.getLong(primKey),
251 ActionKeys.PERMISSIONS);
252 }
253 else if (name.equals(BookmarksFolder.class.getName())) {
254 BookmarksFolderPermission.check(
255 permissionChecker, GetterUtil.getLong(primKey),
256 ActionKeys.PERMISSIONS);
257 }
258 else if (name.equals(CalEvent.class.getName())) {
259 CalEventPermission.check(
260 permissionChecker, GetterUtil.getLong(primKey),
261 ActionKeys.PERMISSIONS);
262 }
263 else if (name.equals(DLFolder.class.getName())) {
264 DLFolderPermission.check(
265 permissionChecker, GetterUtil.getLong(primKey),
266 ActionKeys.PERMISSIONS);
267 }
268 else if (name.equals(Group.class.getName())) {
269 GroupPermissionUtil.check(
270 permissionChecker, GetterUtil.getLong(primKey),
271 ActionKeys.PERMISSIONS);
272 }
273 else if (name.equals(IGFolder.class.getName())) {
274 IGFolderPermission.check(
275 permissionChecker, GetterUtil.getLong(primKey),
276 ActionKeys.PERMISSIONS);
277 }
278 else if (name.equals(JournalArticle.class.getName())) {
279 JournalArticlePermission.check(
280 permissionChecker, GetterUtil.getLong(primKey),
281 ActionKeys.PERMISSIONS);
282 }
283 else if (name.equals(JournalFeed.class.getName())) {
284 JournalFeedPermission.check(
285 permissionChecker, GetterUtil.getLong(primKey),
286 ActionKeys.PERMISSIONS);
287 }
288 else if (name.equals(JournalStructure.class.getName())) {
289 JournalStructurePermission.check(
290 permissionChecker, GetterUtil.getLong(primKey),
291 ActionKeys.PERMISSIONS);
292 }
293 else if (name.equals(JournalTemplate.class.getName())) {
294 JournalTemplatePermission.check(
295 permissionChecker, GetterUtil.getLong(primKey),
296 ActionKeys.PERMISSIONS);
297 }
298 else if (name.equals(Layout.class.getName())) {
299 long plid = GetterUtil.getLong(primKey);
300
301 Layout layout = layoutPersistence.findByPrimaryKey(plid);
302
303 GroupPermissionUtil.check(
304 permissionChecker, layout.getGroupId(),
305 ActionKeys.MANAGE_LAYOUTS);
306 }
307 else if (name.equals(MBCategory.class.getName())) {
308 MBCategoryPermission.check(
309 permissionChecker, GetterUtil.getLong(primKey),
310 ActionKeys.PERMISSIONS);
311 }
312 else if (name.equals(PollsQuestion.class.getName())) {
313 PollsQuestionPermission.check(
314 permissionChecker, GetterUtil.getLong(primKey),
315 ActionKeys.PERMISSIONS);
316 }
317 else if (name.equals(SCFrameworkVersion.class.getName())) {
318 SCFrameworkVersionPermission.check(
319 permissionChecker, GetterUtil.getLong(primKey),
320 ActionKeys.PERMISSIONS);
321 }
322 else if (name.equals(SCProductEntry.class.getName())) {
323 SCProductEntryPermission.check(
324 permissionChecker, GetterUtil.getLong(primKey),
325 ActionKeys.PERMISSIONS);
326 }
327 else if (name.equals(ShoppingCategory.class.getName())) {
328 ShoppingCategoryPermission.check(
329 permissionChecker, GetterUtil.getLong(primKey),
330 ActionKeys.PERMISSIONS);
331 }
332 else if (name.equals(ShoppingItem.class.getName())) {
333 ShoppingItemPermission.check(
334 permissionChecker, GetterUtil.getLong(primKey),
335 ActionKeys.PERMISSIONS);
336 }
337 else if (name.equals(User.class.getName())) {
338 long userId = GetterUtil.getLong(primKey);
339
340 User user = userPersistence.findByPrimaryKey(userId);
341
342 UserPermissionUtil.check(
343 permissionChecker, userId, user.getOrganizationIds(),
344 ActionKeys.PERMISSIONS);
345 }
346 else if (name.equals(WikiNode.class.getName())) {
347 WikiNodePermission.check(
348 permissionChecker, GetterUtil.getLong(primKey),
349 ActionKeys.PERMISSIONS);
350 }
351 else if ((primKey != null) &&
352 (primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR) != -1)) {
353
354 int pos = primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR);
355
356 long plid = GetterUtil.getLong(primKey.substring(0, pos));
357
358 String portletId = primKey.substring(
359 pos + PortletConstants.LAYOUT_SEPARATOR.length(),
360 primKey.length());
361
362 PortletPermissionUtil.check(
363 permissionChecker, plid, portletId, ActionKeys.CONFIGURATION);
364 }
365 else if (!permissionChecker.hasPermission(
366 groupId, name, primKey, ActionKeys.PERMISSIONS) &&
367 !permissionChecker.hasPermission(
368 groupId, name, primKey, ActionKeys.DEFINE_PERMISSIONS)) {
369
370 throw new PrincipalException();
371 }
372 }
373
374 }