001
014
015 package com.liferay.portal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.log.Log;
020 import com.liferay.portal.kernel.log.LogFactoryUtil;
021 import com.liferay.portal.model.Group;
022 import com.liferay.portal.model.Layout;
023 import com.liferay.portal.model.Portlet;
024 import com.liferay.portal.model.PortletConstants;
025 import com.liferay.portal.security.auth.PrincipalException;
026 import com.liferay.portal.security.permission.ActionKeys;
027 import com.liferay.portal.security.permission.PermissionChecker;
028 import com.liferay.portal.security.permission.ResourceActionsUtil;
029 import com.liferay.portal.service.GroupLocalServiceUtil;
030 import com.liferay.portal.service.LayoutLocalServiceUtil;
031 import com.liferay.portal.util.PropsValues;
032
033 import java.util.List;
034
035
038 public class PortletPermissionImpl implements PortletPermission {
039
040 public static final boolean DEFAULT_STRICT = false;
041
042 public void check(
043 PermissionChecker permissionChecker, long plid, String portletId,
044 String actionId)
045 throws PortalException, SystemException {
046
047 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
048 }
049
050 public void check(
051 PermissionChecker permissionChecker, long plid, String portletId,
052 String actionId, boolean strict)
053 throws PortalException, SystemException {
054
055 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
056 throw new PrincipalException();
057 }
058 }
059
060 public void check(
061 PermissionChecker permissionChecker, String portletId,
062 String actionId)
063 throws PortalException, SystemException {
064
065 if (!contains(permissionChecker, portletId, actionId)) {
066 throw new PrincipalException();
067 }
068 }
069
070 public boolean contains(
071 PermissionChecker permissionChecker, long plid, Portlet portlet,
072 String actionId)
073 throws PortalException, SystemException {
074
075 return contains(
076 permissionChecker, plid, portlet, actionId, DEFAULT_STRICT);
077 }
078
079 public boolean contains(
080 PermissionChecker permissionChecker, long plid, Portlet portlet,
081 String actionId, boolean strict)
082 throws PortalException, SystemException {
083
084 if (portlet.isUndeployedPortlet()) {
085 return false;
086 }
087
088 boolean value = contains(
089 permissionChecker, plid, portlet.getPortletId(), actionId, strict);
090
091 if (value) {
092 return true;
093 }
094 else {
095 if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
096 return true;
097 }
098 else {
099 return false;
100 }
101 }
102 }
103
104 public boolean contains(
105 PermissionChecker permissionChecker, long plid, String portletId,
106 String actionId)
107 throws PortalException, SystemException {
108
109 return contains(
110 permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
111 }
112
113 public boolean contains(
114 PermissionChecker permissionChecker, long plid, String portletId,
115 String actionId, boolean strict)
116 throws PortalException, SystemException {
117
118 long groupId = 0;
119 String name = null;
120 String primKey = null;
121
122 if (plid > 0) {
123 Layout layout = LayoutLocalServiceUtil.getLayout(plid);
124
125 groupId = layout.getGroupId();
126 name = PortletConstants.getRootPortletId(portletId);
127 primKey = getPrimaryKey(plid, portletId);
128
129 if ((layout.isPrivateLayout() &&
130 !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
131 (layout.isPublicLayout() &&
132 !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
133
134 if (actionId.equals(ActionKeys.CONFIGURATION)) {
135 Group group = GroupLocalServiceUtil.getGroup(
136 layout.getGroupId());
137
138 if (group.isUser()) {
139 return false;
140 }
141 }
142 }
143
144 if (actionId.equals(ActionKeys.VIEW)) {
145 Group group = GroupLocalServiceUtil.getGroup(
146 layout.getGroupId());
147
148 if (group.isControlPanel()) {
149 return true;
150 }
151 }
152
153 if (!strict) {
154 if (LayoutPermissionUtil.contains(
155 permissionChecker, groupId, layout.isPrivateLayout(),
156 layout.getLayoutId(), ActionKeys.UPDATE) &&
157 hasLayoutManagerPermission(portletId, actionId)) {
158
159 return true;
160 }
161 }
162 }
163 else {
164 name = portletId;
165 primKey = portletId;
166 }
167
168 return permissionChecker.hasPermission(
169 groupId, name, primKey, actionId);
170 }
171
172 public boolean contains(
173 PermissionChecker permissionChecker, String portletId,
174 String actionId)
175 throws PortalException, SystemException {
176
177 return contains(permissionChecker, 0, portletId, actionId);
178 }
179
180 public String getPrimaryKey(long plid, String portletId) {
181 return String.valueOf(plid).concat(
182 PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
183 }
184
185 public boolean hasLayoutManagerPermission(
186 String portletId, String actionId) {
187
188 try {
189 return hasLayoutManagerPermissionImpl(portletId, actionId);
190 }
191 catch (Exception e) {
192 _log.error(e, e);
193
194 return false;
195 }
196 }
197
198 protected boolean hasLayoutManagerPermissionImpl(
199 String portletId, String actionId) {
200
201 portletId = PortletConstants.getRootPortletId(portletId);
202
203 List<String> layoutManagerActions =
204 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
205 portletId);
206
207 return layoutManagerActions.contains(actionId);
208 }
209
210 private static Log _log = LogFactoryUtil.getLog(
211 PortletPermissionImpl.class);
212
213 }