1
22
23 package com.liferay.portlet.enterpriseadmin.action;
24
25 import com.liferay.portal.NoSuchRoleException;
26 import com.liferay.portal.RolePermissionsException;
27 import com.liferay.portal.kernel.servlet.SessionErrors;
28 import com.liferay.portal.kernel.servlet.SessionMessages;
29 import com.liferay.portal.kernel.util.ArrayUtil;
30 import com.liferay.portal.kernel.util.Constants;
31 import com.liferay.portal.kernel.util.ListUtil;
32 import com.liferay.portal.kernel.util.ParamUtil;
33 import com.liferay.portal.kernel.util.StringUtil;
34 import com.liferay.portal.kernel.util.Validator;
35 import com.liferay.portal.model.GroupConstants;
36 import com.liferay.portal.model.ResourceConstants;
37 import com.liferay.portal.model.Role;
38 import com.liferay.portal.model.RoleConstants;
39 import com.liferay.portal.security.auth.PrincipalException;
40 import com.liferay.portal.security.permission.ResourceActionsUtil;
41 import com.liferay.portal.security.permission.comparator.ActionComparator;
42 import com.liferay.portal.service.PermissionServiceUtil;
43 import com.liferay.portal.service.RoleLocalServiceUtil;
44 import com.liferay.portal.struts.PortletAction;
45 import com.liferay.portal.theme.ThemeDisplay;
46 import com.liferay.portal.util.WebKeys;
47
48 import java.util.HashMap;
49 import java.util.List;
50 import java.util.Map;
51
52 import javax.portlet.ActionRequest;
53 import javax.portlet.ActionResponse;
54 import javax.portlet.PortletConfig;
55 import javax.portlet.RenderRequest;
56 import javax.portlet.RenderResponse;
57
58 import org.apache.struts.action.ActionForm;
59 import org.apache.struts.action.ActionForward;
60 import org.apache.struts.action.ActionMapping;
61
62
69 public class EditRolePermissionsAction extends PortletAction {
70
71 public void processAction(
72 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
73 ActionRequest actionRequest, ActionResponse actionResponse)
74 throws Exception {
75
76 String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
77
78 try {
79 if (cmd.equals("actions")) {
80 updateActions(actionRequest, actionResponse);
81 }
82 else if (cmd.equals("delete_permission")) {
83 deletePermission(actionRequest, actionResponse);
84 }
85 }
86 catch (Exception e) {
87 if (e instanceof NoSuchRoleException ||
88 e instanceof PrincipalException ||
89 e instanceof RolePermissionsException) {
90
91 SessionErrors.add(actionRequest, e.getClass().getName());
92
93 setForward(actionRequest, "portlet.enterprise_admin.error");
94 }
95 else {
96 throw e;
97 }
98 }
99 }
100
101 public ActionForward render(
102 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
103 RenderRequest renderRequest, RenderResponse renderResponse)
104 throws Exception {
105
106 try {
107 ActionUtil.getRole(renderRequest);
108 }
109 catch (Exception e) {
110 if (e instanceof NoSuchRoleException ||
111 e instanceof PrincipalException) {
112
113 SessionErrors.add(renderRequest, e.getClass().getName());
114
115 return mapping.findForward("portlet.enterprise_admin.error");
116 }
117 else {
118 throw e;
119 }
120 }
121
122 return mapping.findForward(getForward(
123 renderRequest, "portlet.enterprise_admin.edit_role_permissions"));
124 }
125
126 protected void deletePermission(
127 ActionRequest actionRequest, ActionResponse actionResponse)
128 throws Exception {
129
130 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
131 WebKeys.THEME_DISPLAY);
132
133 long roleId = ParamUtil.getLong(actionRequest, "roleId");
134 long permissionId = ParamUtil.getLong(actionRequest, "permissionId");
135
136 Role role = RoleLocalServiceUtil.getRole(roleId);
137
138 if (role.getName().equals(RoleConstants.ADMINISTRATOR) ||
139 role.getName().equals(RoleConstants.OWNER) ||
140 role.getName().equals(RoleConstants.COMMUNITY_ADMINISTRATOR) ||
141 role.getName().equals(RoleConstants.COMMUNITY_OWNER) ||
142 role.getName().equals(RoleConstants.ORGANIZATION_ADMINISTRATOR) ||
143 role.getName().equals(RoleConstants.ORGANIZATION_OWNER)) {
144
145 throw new RolePermissionsException(role.getName());
146 }
147
148 PermissionServiceUtil.unsetRolePermission(
149 roleId, themeDisplay.getScopeGroupId(), permissionId);
150
151
153 SessionMessages.add(actionRequest, "permissionDeleted");
154
155 String redirect = ParamUtil.getString(actionRequest, "redirect");
156
157 actionResponse.sendRedirect(redirect);
158 }
159
160 protected void updateActions(
161 ActionRequest actionRequest, ActionResponse actionResponse)
162 throws Exception {
163
164 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
165 WebKeys.THEME_DISPLAY);
166
167 long roleId = ParamUtil.getLong(actionRequest, "roleId");
168
169 Role role = RoleLocalServiceUtil.getRole(roleId);
170
171 if (role.getName().equals(RoleConstants.ADMINISTRATOR) ||
172 role.getName().equals(RoleConstants.OWNER) ||
173 role.getName().equals(RoleConstants.COMMUNITY_ADMINISTRATOR) ||
174 role.getName().equals(RoleConstants.COMMUNITY_OWNER) ||
175 role.getName().equals(RoleConstants.ORGANIZATION_ADMINISTRATOR) ||
176 role.getName().equals(RoleConstants.ORGANIZATION_OWNER)) {
177
178 throw new RolePermissionsException(role.getName());
179 }
180
181 String portletResource = ParamUtil.getString(
182 actionRequest, "portletResource");
183 String[] modelResources = StringUtil.split(
184 ParamUtil.getString(actionRequest, "modelResources"));
185
186 Map<String, List<String>> resourceActionsMap =
187 new HashMap<String, List<String>>();
188
189 if (Validator.isNotNull(portletResource)) {
190 resourceActionsMap.put(
191 portletResource,
192 ResourceActionsUtil.getResourceActions(
193 themeDisplay.getCompanyId(), portletResource, null));
194 }
195
196 for (String modelResource : modelResources) {
197 resourceActionsMap.put(
198 modelResource,
199 ResourceActionsUtil.getResourceActions(
200 themeDisplay.getCompanyId(), null, modelResource));
201 }
202
203 for (Map.Entry<String, List<String>> entry :
204 resourceActionsMap.entrySet()) {
205
206 String selResource = entry.getKey();
207 List<String> actions = entry.getValue();
208
209 actions = ListUtil.sort(
210 actions,
211 new ActionComparator(
212 themeDisplay.getCompanyId(), themeDisplay.getLocale()));
213
214 for (String actionId : actions) {
215 int scope = ParamUtil.getInteger(
216 actionRequest, "scope" + selResource + actionId);
217
218 if (scope == ResourceConstants.SCOPE_COMPANY) {
219 PermissionServiceUtil.setRolePermission(
220 roleId, themeDisplay.getScopeGroupId(), selResource,
221 scope, String.valueOf(themeDisplay.getCompanyId()),
222 actionId);
223 }
224 else if (scope == ResourceConstants.SCOPE_GROUP) {
225 if ((role.getType() == RoleConstants.TYPE_COMMUNITY) ||
226 (role.getType() == RoleConstants.TYPE_ORGANIZATION)) {
227
228 PermissionServiceUtil.setRolePermission(
229 roleId, themeDisplay.getScopeGroupId(), selResource,
230 ResourceConstants.SCOPE_GROUP_TEMPLATE,
231 String.valueOf(
232 GroupConstants.DEFAULT_PARENT_GROUP_ID),
233 actionId);
234 }
235 else {
236 String[] groupIds = StringUtil.split(
237 ParamUtil.getString(
238 actionRequest,
239 "groupIds" + selResource + actionId));
240
241 if (groupIds.length == 0) {
242 SessionErrors.add(
243 actionRequest, "missingGroupIdsForAction");
244
245 return;
246 }
247
248 groupIds = ArrayUtil.distinct(groupIds);
249
250 PermissionServiceUtil.unsetRolePermissions(
251 roleId, themeDisplay.getScopeGroupId(),
252 selResource, ResourceConstants.SCOPE_GROUP,
253 actionId);
254
255 for (int j = 0; j < groupIds.length; j++) {
256 PermissionServiceUtil.setRolePermission(
257 roleId, themeDisplay.getScopeGroupId(),
258 selResource, ResourceConstants.SCOPE_GROUP,
259 groupIds[j], actionId);
260 }
261 }
262 }
263 else {
264
265
267 PermissionServiceUtil.unsetRolePermissions(
268 roleId, themeDisplay.getScopeGroupId(), selResource,
269 ResourceConstants.SCOPE_COMPANY, actionId);
270
271 PermissionServiceUtil.unsetRolePermissions(
272 roleId, themeDisplay.getScopeGroupId(), selResource,
273 ResourceConstants.SCOPE_GROUP_TEMPLATE, actionId);
274
275 PermissionServiceUtil.unsetRolePermissions(
276 roleId, themeDisplay.getScopeGroupId(), selResource,
277 ResourceConstants.SCOPE_GROUP, actionId);
278 }
279 }
280 }
281
282
284 SessionMessages.add(actionRequest, "permissionsUpdated");
285
286 String redirect =
287 ParamUtil.getString(actionRequest, "redirect") + "&" +
288 Constants.CMD + "=" + Constants.VIEW;
289
290 actionResponse.sendRedirect(redirect);
291 }
292
293 }