001
014
015 package com.liferay.portlet.portletconfiguration.action;
016
017 import com.liferay.portal.kernel.servlet.SessionErrors;
018 import com.liferay.portal.kernel.util.Constants;
019 import com.liferay.portal.kernel.util.ParamUtil;
020 import com.liferay.portal.kernel.util.StringUtil;
021 import com.liferay.portal.kernel.util.Validator;
022 import com.liferay.portal.model.Layout;
023 import com.liferay.portal.model.Organization;
024 import com.liferay.portal.model.Portlet;
025 import com.liferay.portal.model.PortletConstants;
026 import com.liferay.portal.model.Resource;
027 import com.liferay.portal.model.UserGroup;
028 import com.liferay.portal.security.auth.PrincipalException;
029 import com.liferay.portal.service.PermissionServiceUtil;
030 import com.liferay.portal.service.PortletLocalServiceUtil;
031 import com.liferay.portal.service.ResourceLocalServiceUtil;
032 import com.liferay.portal.service.ResourcePermissionServiceUtil;
033 import com.liferay.portal.servlet.filters.cache.CacheUtil;
034 import com.liferay.portal.theme.ThemeDisplay;
035 import com.liferay.portal.util.PropsValues;
036 import com.liferay.portal.util.WebKeys;
037
038 import java.util.ArrayList;
039 import java.util.Enumeration;
040 import java.util.List;
041
042 import javax.portlet.ActionRequest;
043 import javax.portlet.ActionResponse;
044 import javax.portlet.PortletConfig;
045 import javax.portlet.RenderRequest;
046 import javax.portlet.RenderResponse;
047
048 import org.apache.struts.action.ActionForm;
049 import org.apache.struts.action.ActionForward;
050 import org.apache.struts.action.ActionMapping;
051
052
055 public class EditPermissionsAction extends EditConfigurationAction {
056
057 public void processAction(
058 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
059 ActionRequest actionRequest, ActionResponse actionResponse)
060 throws Exception {
061
062 String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
063
064 try {
065 if (cmd.equals("group_permissions")) {
066 updateGroupPermissions(actionRequest);
067 }
068 else if (cmd.equals("guest_permissions")) {
069 updateGuestPermissions(actionRequest);
070 }
071 else if (cmd.equals("organization_permissions")) {
072 updateOrganizationPermissions(actionRequest);
073 }
074 else if (cmd.equals("role_permissions")) {
075 updateRolePermissions(actionRequest);
076 }
077 else if (cmd.equals("user_group_permissions")) {
078 updateUserGroupPermissions(actionRequest);
079 }
080 else if (cmd.equals("user_permissions")) {
081 updateUserPermissions(actionRequest);
082 }
083
084 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 5) {
085 String redirect = ParamUtil.getString(
086 actionRequest, "permissionsRedirect");
087
088 sendRedirect(actionRequest, actionResponse, redirect);
089 }
090 else {
091 addSuccessMessage(actionRequest, actionResponse);
092 }
093 }
094 catch (Exception e) {
095 if (e instanceof PrincipalException) {
096 SessionErrors.add(actionRequest, e.getClass().getName());
097
098 setForward(
099 actionRequest, "portlet.portlet_configuration.error");
100 }
101 else {
102 throw e;
103 }
104 }
105 }
106
107 public ActionForward render(
108 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
109 RenderRequest renderRequest, RenderResponse renderResponse)
110 throws Exception {
111
112 ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
113 WebKeys.THEME_DISPLAY);
114
115 long groupId = themeDisplay.getScopeGroupId();
116
117 String portletResource = ParamUtil.getString(
118 renderRequest, "portletResource");
119 String modelResource = ParamUtil.getString(
120 renderRequest, "modelResource");
121 String resourcePrimKey = ParamUtil.getString(
122 renderRequest, "resourcePrimKey");
123
124 String selResource = portletResource;
125
126 if (Validator.isNotNull(modelResource)) {
127 selResource = modelResource;
128 }
129
130 try {
131 PermissionServiceUtil.checkPermission(
132 groupId, selResource, resourcePrimKey);
133 }
134 catch (PrincipalException pe) {
135 SessionErrors.add(
136 renderRequest, PrincipalException.class.getName());
137
138 setForward(renderRequest, "portlet.portlet_configuration.error");
139 }
140
141 Portlet portlet = PortletLocalServiceUtil.getPortletById(
142 themeDisplay.getCompanyId(), portletResource);
143
144 if (portlet != null) {
145 renderResponse.setTitle(getTitle(portlet, renderRequest));
146 }
147
148 return mapping.findForward(getForward(
149 renderRequest, "portlet.portlet_configuration.edit_permissions"));
150 }
151
152 protected String[] getActionIds(ActionRequest actionRequest, long roleId) {
153 List<String> actionIds = new ArrayList<String>();
154
155 Enumeration<String> enu = actionRequest.getParameterNames();
156
157 while (enu.hasMoreElements()) {
158 String name = enu.nextElement();
159
160 if (name.startsWith(roleId + "_ACTION_")) {
161 int pos = name.indexOf("_ACTION_");
162
163 String actionId = name.substring(pos + 8);
164
165 actionIds.add(actionId);
166 }
167 }
168
169 return actionIds.toArray(new String[actionIds.size()]);
170 }
171
172 protected void updateGroupPermissions(ActionRequest actionRequest)
173 throws Exception {
174
175 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
176
177 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
178 long groupId = ParamUtil.getLong(actionRequest, "groupId");
179 String[] actionIds = StringUtil.split(
180 ParamUtil.getString(actionRequest, "groupIdActionIds"));
181
182 PermissionServiceUtil.setGroupPermissions(
183 groupId, actionIds, resourceId);
184
185 if (!layout.isPrivateLayout()) {
186 Resource resource =
187 ResourceLocalServiceUtil.getResource(resourceId);
188
189 if (resource.getPrimKey().startsWith(
190 layout.getPlid() + PortletConstants.LAYOUT_SEPARATOR)) {
191
192 CacheUtil.clearCache(layout.getCompanyId());
193 }
194 }
195 }
196
197 protected void updateGuestPermissions(ActionRequest actionRequest)
198 throws Exception {
199
200 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
201 WebKeys.THEME_DISPLAY);
202
203 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
204 String[] actionIds = StringUtil.split(
205 ParamUtil.getString(actionRequest, "guestActionIds"));
206
207 PermissionServiceUtil.setUserPermissions(
208 themeDisplay.getDefaultUserId(), themeDisplay.getScopeGroupId(),
209 actionIds, resourceId);
210 }
211
212 protected void updateOrganizationPermissions(ActionRequest actionRequest)
213 throws Exception {
214
215 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
216 WebKeys.THEME_DISPLAY);
217
218 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
219 long organizationId = ParamUtil.getLong(
220 actionRequest, "organizationIdsPosValue");
221 String[] actionIds = StringUtil.split(
222 ParamUtil.getString(actionRequest, "organizationIdActionIds"));
223
224
225
226
227 PermissionServiceUtil.setGroupPermissions(
228 Organization.class.getName(), String.valueOf(organizationId),
229 themeDisplay.getScopeGroupId(), actionIds, resourceId);
230
235 }
236
237 protected void updateRolePermissions(ActionRequest actionRequest)
238 throws Exception {
239
240 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
241 updateRolePermissions_5(actionRequest);
242 }
243 else if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
244 updateRolePermissions_6(actionRequest);
245 }
246 else {
247 updateRolePermissions_1to4(actionRequest);
248 }
249 }
250
251 protected void updateRolePermissions_1to4(ActionRequest actionRequest)
252 throws Exception {
253
254 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
255 WebKeys.THEME_DISPLAY);
256
257 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
258 long roleId = ParamUtil.getLong(actionRequest, "roleIdsPosValue");
259 String[] actionIds = StringUtil.split(
260 ParamUtil.getString(actionRequest, "roleIdActionIds"));
261
262 PermissionServiceUtil.setRolePermissions(
263 roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
264 }
265
266 protected void updateRolePermissions_5(ActionRequest actionRequest)
267 throws Exception {
268
269 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
270 WebKeys.THEME_DISPLAY);
271
272 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
273 long[] roleIds = StringUtil.split(
274 ParamUtil.getString(
275 actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
276
277 for (long roleId : roleIds) {
278 String[] actionIds = getActionIds(actionRequest, roleId);
279
280 PermissionServiceUtil.setRolePermissions(
281 roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
282 }
283 }
284
285 protected void updateRolePermissions_6(ActionRequest actionRequest)
286 throws Exception {
287
288 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
289 WebKeys.THEME_DISPLAY);
290
291 String portletResource = ParamUtil.getString(
292 actionRequest, "portletResource");
293 String modelResource = ParamUtil.getString(
294 actionRequest, "modelResource");
295 long[] roleIds = StringUtil.split(
296 ParamUtil.getString(
297 actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
298
299 String selResource = PortletConstants.getRootPortletId(portletResource);
300
301 if (Validator.isNotNull(modelResource)) {
302 selResource = modelResource;
303 }
304
305 String resourcePrimKey = ParamUtil.getString(
306 actionRequest, "resourcePrimKey");
307
308 for (long roleId : roleIds) {
309 String[] actionIds = getActionIds(actionRequest, roleId);
310
311 ResourcePermissionServiceUtil.setIndividualResourcePermissions(
312 themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(),
313 selResource, resourcePrimKey, roleId, actionIds);
314 }
315 }
316
317 protected void updateUserGroupPermissions(ActionRequest actionRequest)
318 throws Exception {
319
320 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
321 WebKeys.THEME_DISPLAY);
322
323 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
324 long userGroupId = ParamUtil.getLong(
325 actionRequest, "userGroupIdsPosValue");
326 String[] actionIds = StringUtil.split(
327 ParamUtil.getString(actionRequest, "userGroupIdActionIds"));
328
329 PermissionServiceUtil.setGroupPermissions(
330 UserGroup.class.getName(), String.valueOf(userGroupId),
331 themeDisplay.getScopeGroupId(), actionIds, resourceId);
332 }
333
334 protected void updateUserPermissions(ActionRequest actionRequest)
335 throws Exception {
336
337 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
338 WebKeys.THEME_DISPLAY);
339
340 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
341 long userId = ParamUtil.getLong(actionRequest, "userIdsPosValue");
342 String[] actionIds = StringUtil.split(
343 ParamUtil.getString(actionRequest, "userIdActionIds"));
344
345 PermissionServiceUtil.setUserPermissions(
346 userId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
347 }
348
349 }