1
22
23 package com.liferay.portal.service.permission;
24
25 import com.liferay.portal.PortalException;
26 import com.liferay.portal.SystemException;
27 import com.liferay.portal.kernel.log.Log;
28 import com.liferay.portal.kernel.log.LogFactoryUtil;
29 import com.liferay.portal.model.Group;
30 import com.liferay.portal.model.GroupConstants;
31 import com.liferay.portal.model.Layout;
32 import com.liferay.portal.model.Portlet;
33 import com.liferay.portal.model.PortletConstants;
34 import com.liferay.portal.security.auth.PrincipalException;
35 import com.liferay.portal.security.permission.ActionKeys;
36 import com.liferay.portal.security.permission.PermissionChecker;
37 import com.liferay.portal.security.permission.ResourceActionsUtil;
38 import com.liferay.portal.service.GroupLocalServiceUtil;
39 import com.liferay.portal.service.LayoutLocalServiceUtil;
40 import com.liferay.portal.util.PropsValues;
41
42 import java.util.List;
43
44
50 public class PortletPermissionImpl implements PortletPermission {
51
52 public static final boolean DEFAULT_STRICT = false;
53
54 public void check(
55 PermissionChecker permissionChecker, String portletId,
56 String actionId)
57 throws PortalException, SystemException {
58
59 if (!contains(permissionChecker, portletId, actionId)) {
60 throw new PrincipalException();
61 }
62 }
63
64 public void check(
65 PermissionChecker permissionChecker, long plid, String portletId,
66 String actionId)
67 throws PortalException, SystemException {
68
69 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
70 }
71
72 public void check(
73 PermissionChecker permissionChecker, long plid, String portletId,
74 String actionId, boolean strict)
75 throws PortalException, SystemException {
76
77 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
78 throw new PrincipalException();
79 }
80 }
81
82 public boolean contains(
83 PermissionChecker permissionChecker, String portletId,
84 String actionId)
85 throws PortalException, SystemException {
86
87 return contains(permissionChecker, 0, portletId, actionId);
88 }
89
90 public boolean contains(
91 PermissionChecker permissionChecker, long plid, String portletId,
92 String actionId)
93 throws PortalException, SystemException {
94
95 return contains(
96 permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
97 }
98
99 public boolean contains(
100 PermissionChecker permissionChecker, long plid, String portletId,
101 String actionId, boolean strict)
102 throws PortalException, SystemException {
103
104 long groupId = 0;
105 String name = null;
106 String primKey = null;
107
108 if (plid > 0) {
109 Layout layout = LayoutLocalServiceUtil.getLayout(plid);
110
111 groupId = layout.getGroupId();
112 name = PortletConstants.getRootPortletId(portletId);
113 primKey = getPrimaryKey(plid, portletId);
114
115 if ((layout.isPrivateLayout() &&
116 !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
117 (layout.isPublicLayout() &&
118 !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
119
120 if (actionId.equals(ActionKeys.CONFIGURATION)) {
121 Group group = GroupLocalServiceUtil.getGroup(
122 layout.getGroupId());
123
124 if (group.isUser()) {
125 return false;
126 }
127 }
128 }
129
130 if (actionId.equals(ActionKeys.VIEW)) {
131 Group group = GroupLocalServiceUtil.getGroup(
132 layout.getGroupId());
133
134 if (group.getName().equals(GroupConstants.CONTROL_PANEL)) {
135 return true;
136 }
137 }
138
139 if (!strict) {
140 if (LayoutPermissionUtil.contains(
141 permissionChecker, groupId, layout.isPrivateLayout(),
142 layout.getLayoutId(), ActionKeys.UPDATE) &&
143 hasLayoutManagerPermission(portletId, actionId)) {
144
145 return true;
146 }
147 }
148 }
149 else {
150 name = portletId;
151 primKey = portletId;
152 }
153
154 return permissionChecker.hasPermission(
155 groupId, name, primKey, actionId);
156 }
157
158 public boolean contains(
159 PermissionChecker permissionChecker, long plid, Portlet portlet,
160 String actionId)
161 throws PortalException, SystemException {
162
163 return contains(
164 permissionChecker, plid, portlet, actionId, DEFAULT_STRICT);
165 }
166
167 public boolean contains(
168 PermissionChecker permissionChecker, long plid, Portlet portlet,
169 String actionId, boolean strict)
170 throws PortalException, SystemException {
171
172 boolean value = contains(
173 permissionChecker, plid, portlet.getPortletId(), actionId, strict);
174
175 if (value) {
176 return true;
177 }
178 else {
179 if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
180 return true;
181 }
182 else {
183 return false;
184 }
185 }
186 }
187
188 public String getPrimaryKey(long plid, String portletId) {
189 StringBuilder sb = new StringBuilder();
190
191 sb.append(plid);
192 sb.append(PortletConstants.LAYOUT_SEPARATOR);
193 sb.append(portletId);
194
195 return sb.toString();
196 }
197
198 public boolean hasLayoutManagerPermission(
199 String portletId, String actionId) {
200
201 try {
202 return hasLayoutManagerPermissionImpl(portletId, actionId);
203 }
204 catch (Exception e) {
205 _log.error(e, e);
206
207 return false;
208 }
209 }
210
211 protected boolean hasLayoutManagerPermissionImpl(
212 String portletId, String actionId) {
213
214 portletId = PortletConstants.getRootPortletId(portletId);
215
216 List<String> layoutManagerActions =
217 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
218 portletId);
219
220 return layoutManagerActions.contains(actionId);
221 }
222
223 private static Log _log =
224 LogFactoryUtil.getLog(PortletPermissionImpl.class);
225
226 }