001
014
015 package com.liferay.portal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.log.Log;
020 import com.liferay.portal.kernel.log.LogFactoryUtil;
021 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
022 import com.liferay.portal.kernel.util.StringUtil;
023 import com.liferay.portal.model.Group;
024 import com.liferay.portal.model.Layout;
025 import com.liferay.portal.model.LayoutTypePortlet;
026 import com.liferay.portal.model.Portlet;
027 import com.liferay.portal.model.PortletConstants;
028 import com.liferay.portal.model.impl.VirtualLayout;
029 import com.liferay.portal.security.auth.PrincipalException;
030 import com.liferay.portal.security.permission.ActionKeys;
031 import com.liferay.portal.security.permission.PermissionChecker;
032 import com.liferay.portal.security.permission.ResourceActionsUtil;
033 import com.liferay.portal.service.GroupLocalServiceUtil;
034 import com.liferay.portal.service.LayoutLocalServiceUtil;
035 import com.liferay.portal.service.PortletLocalServiceUtil;
036 import com.liferay.portal.util.PortletCategoryKeys;
037 import com.liferay.portal.util.PropsValues;
038 import com.liferay.portlet.ControlPanelEntry;
039 import com.liferay.portlet.sites.util.SitesUtil;
040
041 import java.util.Collection;
042 import java.util.List;
043
044 import javax.portlet.PortletMode;
045
046
050 public class PortletPermissionImpl implements PortletPermission {
051
052 public static final boolean DEFAULT_STRICT = false;
053
054 @Override
055 public void check(
056 PermissionChecker permissionChecker, Layout layout,
057 String portletId, String actionId)
058 throws PortalException, SystemException {
059
060 if (!contains(
061 permissionChecker, 0, layout, portletId, actionId,
062 DEFAULT_STRICT)) {
063
064 throw new PrincipalException();
065 }
066 }
067
068 @Override
069 public void check(
070 PermissionChecker permissionChecker, Layout layout,
071 String portletId, String actionId, boolean strict)
072 throws PortalException, SystemException {
073
074 if (!contains(
075 permissionChecker, 0, layout, portletId, actionId, strict)) {
076
077 throw new PrincipalException();
078 }
079 }
080
081 @Override
082 public void check(
083 PermissionChecker permissionChecker, long groupId, Layout layout,
084 String portletId, String actionId)
085 throws PortalException, SystemException {
086
087 if (!contains(
088 permissionChecker, groupId, layout, portletId, actionId,
089 DEFAULT_STRICT)) {
090
091 throw new PrincipalException();
092 }
093 }
094
095 @Override
096 public void check(
097 PermissionChecker permissionChecker, long groupId, Layout layout,
098 String portletId, String actionId, boolean strict)
099 throws PortalException, SystemException {
100
101 if (!contains(
102 permissionChecker, groupId, layout, portletId, actionId,
103 strict)) {
104
105 throw new PrincipalException();
106 }
107 }
108
109 @Override
110 public void check(
111 PermissionChecker permissionChecker, long groupId, long plid,
112 String portletId, String actionId)
113 throws PortalException, SystemException {
114
115 check(
116 permissionChecker, groupId, plid, portletId, actionId,
117 DEFAULT_STRICT);
118 }
119
120 @Override
121 public void check(
122 PermissionChecker permissionChecker, long groupId, long plid,
123 String portletId, String actionId, boolean strict)
124 throws PortalException, SystemException {
125
126 if (!contains(
127 permissionChecker, groupId, plid, portletId, actionId,
128 strict)) {
129
130 throw new PrincipalException();
131 }
132 }
133
134 @Override
135 public void check(
136 PermissionChecker permissionChecker, long plid, String portletId,
137 String actionId)
138 throws PortalException, SystemException {
139
140 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
141 }
142
143 @Override
144 public void check(
145 PermissionChecker permissionChecker, long plid, String portletId,
146 String actionId, boolean strict)
147 throws PortalException, SystemException {
148
149 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
150 throw new PrincipalException();
151 }
152 }
153
154 @Override
155 public void check(
156 PermissionChecker permissionChecker, String portletId,
157 String actionId)
158 throws PortalException, SystemException {
159
160 if (!contains(permissionChecker, portletId, actionId)) {
161 throw new PrincipalException();
162 }
163 }
164
165 @Override
166 public boolean contains(
167 PermissionChecker permissionChecker, Layout layout, Portlet portlet,
168 String actionId)
169 throws PortalException, SystemException {
170
171 return contains(
172 permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
173 }
174
175 @Override
176 public boolean contains(
177 PermissionChecker permissionChecker, Layout layout, Portlet portlet,
178 String actionId, boolean strict)
179 throws PortalException, SystemException {
180
181 return contains(
182 permissionChecker, 0, layout, portlet, actionId, strict);
183 }
184
185 @Override
186 public boolean contains(
187 PermissionChecker permissionChecker, Layout layout,
188 String portletId, String actionId)
189 throws PortalException, SystemException {
190
191 return contains(
192 permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
193 }
194
195 @Override
196 public boolean contains(
197 PermissionChecker permissionChecker, Layout layout,
198 String portletId, String actionId, boolean strict)
199 throws PortalException, SystemException {
200
201 return contains(
202 permissionChecker, 0, layout, portletId, actionId, strict);
203 }
204
205 @Override
206 public boolean contains(
207 PermissionChecker permissionChecker, long groupId, Layout layout,
208 Portlet portlet, String actionId)
209 throws PortalException, SystemException {
210
211 return contains(
212 permissionChecker, groupId, layout, portlet, actionId,
213 DEFAULT_STRICT);
214 }
215
216 @Override
217 public boolean contains(
218 PermissionChecker permissionChecker, long groupId, Layout layout,
219 Portlet portlet, String actionId, boolean strict)
220 throws PortalException, SystemException {
221
222 if (portlet.isUndeployedPortlet()) {
223 return false;
224 }
225
226 return contains(
227 permissionChecker, groupId, layout, portlet.getPortletId(),
228 actionId, strict);
229 }
230
231 @Override
232 public boolean contains(
233 PermissionChecker permissionChecker, long groupId, Layout layout,
234 String portletId, String actionId)
235 throws PortalException, SystemException {
236
237 return contains(
238 permissionChecker, groupId, layout, portletId, actionId,
239 DEFAULT_STRICT);
240 }
241
242 @Override
243 public boolean contains(
244 PermissionChecker permissionChecker, long groupId, Layout layout,
245 String portletId, String actionId, boolean strict)
246 throws PortalException, SystemException {
247
248 String name = null;
249 String primKey = null;
250
251 if (layout == null) {
252 name = portletId;
253 primKey = portletId;
254
255 return permissionChecker.hasPermission(
256 groupId, name, primKey, actionId);
257 }
258
259 if (!actionId.equals(ActionKeys.VIEW) &&
260 (layout instanceof VirtualLayout)) {
261
262 return hasCustomizePermission(
263 permissionChecker, layout, portletId, actionId);
264 }
265
266 Group group = layout.getGroup();
267
268 if (!group.isLayoutSetPrototype() &&
269 !SitesUtil.isLayoutUpdateable(layout) &&
270 actionId.equals(ActionKeys.CONFIGURATION)) {
271
272 return false;
273 }
274
275 groupId = layout.getGroupId();
276
277 name = PortletConstants.getRootPortletId(portletId);
278
279 Boolean hasPermission = StagingPermissionUtil.hasPermission(
280 permissionChecker, groupId, name, groupId, name, actionId);
281
282 if (hasPermission != null) {
283 return hasPermission.booleanValue();
284 }
285
286 if (group.isControlPanel() && actionId.equals(ActionKeys.VIEW)) {
287 return true;
288 }
289
290 primKey = getPrimaryKey(layout.getPlid(), portletId);
291
292 if (strict) {
293 return permissionChecker.hasPermission(
294 groupId, name, primKey, actionId);
295 }
296
297 if (hasConfigurePermission(
298 permissionChecker, layout, portletId, actionId) ||
299 hasCustomizePermission(
300 permissionChecker, layout, portletId, actionId)) {
301
302 return true;
303 }
304
305 return permissionChecker.hasPermission(
306 groupId, name, primKey, actionId);
307 }
308
309 public boolean contains(
310 PermissionChecker permissionChecker, long groupId, long plid,
311 Portlet portlet, String actionId)
312 throws PortalException, SystemException {
313
314 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
315
316 return contains(
317 permissionChecker, groupId, layout, portlet, actionId,
318 DEFAULT_STRICT);
319 }
320
321 @Override
322 public boolean contains(
323 PermissionChecker permissionChecker, long groupId, long plid,
324 Portlet portlet, String actionId, boolean strict)
325 throws PortalException, SystemException {
326
327 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
328
329 return contains(
330 permissionChecker, groupId, layout, portlet, actionId, strict);
331 }
332
333 public boolean contains(
334 PermissionChecker permissionChecker, long groupId, long plid,
335 String portletId, String actionId)
336 throws PortalException, SystemException {
337
338 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
339
340 return contains(
341 permissionChecker, groupId, layout, portletId, actionId,
342 DEFAULT_STRICT);
343 }
344
345 @Override
346 public boolean contains(
347 PermissionChecker permissionChecker, long groupId, long plid,
348 String portletId, String actionId, boolean strict)
349 throws PortalException, SystemException {
350
351 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
352
353 return contains(
354 permissionChecker, groupId, layout, portletId, actionId, strict);
355 }
356
357 @Override
358 public boolean contains(
359 PermissionChecker permissionChecker, long plid, Portlet portlet,
360 String actionId)
361 throws PortalException, SystemException {
362
363 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
364
365 return contains(
366 permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
367 }
368
369 @Override
370 public boolean contains(
371 PermissionChecker permissionChecker, long plid, Portlet portlet,
372 String actionId, boolean strict)
373 throws PortalException, SystemException {
374
375 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
376
377 return contains(
378 permissionChecker, 0, layout, portlet, actionId, strict);
379 }
380
381 @Override
382 public boolean contains(
383 PermissionChecker permissionChecker, long plid, String portletId,
384 String actionId)
385 throws PortalException, SystemException {
386
387 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
388
389 return contains(
390 permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
391 }
392
393 @Override
394 public boolean contains(
395 PermissionChecker permissionChecker, long plid, String portletId,
396 String actionId, boolean strict)
397 throws PortalException, SystemException {
398
399 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
400
401 return contains(
402 permissionChecker, 0, layout, portletId, actionId, strict);
403 }
404
405 @Override
406 public boolean contains(
407 PermissionChecker permissionChecker, String portletId,
408 String actionId)
409 throws PortalException, SystemException {
410
411 return contains(permissionChecker, 0, portletId, actionId);
412 }
413
414 @Override
415 public String getPrimaryKey(long plid, String portletId) {
416 return String.valueOf(plid).concat(
417 PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
418 }
419
420 @Override
421 public boolean hasAccessPermission(
422 PermissionChecker permissionChecker, long scopeGroupId,
423 Layout layout, Portlet portlet, PortletMode portletMode)
424 throws PortalException, SystemException {
425
426 if ((layout != null) && layout.isTypeControlPanel()) {
427 String category = portlet.getControlPanelEntryCategory();
428
429 if (StringUtil.startsWith(
430 category, PortletCategoryKeys.SITE_ADMINISTRATION)) {
431
432 layout = null;
433 }
434 }
435
436 boolean access = contains(
437 permissionChecker, scopeGroupId, layout, portlet, ActionKeys.VIEW);
438
439 if (access && !PropsValues.TCK_URL &&
440 portletMode.equals(PortletMode.EDIT)) {
441
442 access = contains(
443 permissionChecker, scopeGroupId, layout, portlet,
444 ActionKeys.PREFERENCES);
445 }
446
447 return access;
448 }
449
450 @Override
451 public boolean hasConfigurationPermission(
452 PermissionChecker permissionChecker, long groupId, Layout layout,
453 String actionId)
454 throws PortalException, SystemException {
455
456 LayoutTypePortlet layoutTypePortlet =
457 (LayoutTypePortlet)layout.getLayoutType();
458
459 for (Portlet portlet : layoutTypePortlet.getAllPortlets(false)) {
460 if (contains(
461 permissionChecker, groupId, layout, portlet.getPortletId(),
462 actionId)) {
463
464 return true;
465 }
466
467 if (contains(
468 permissionChecker, groupId, null,
469 portlet.getRootPortletId(), actionId)) {
470
471 return true;
472 }
473 }
474
475 return false;
476 }
477
478 @Override
479 public boolean hasControlPanelAccessPermission(
480 PermissionChecker permissionChecker, long groupId,
481 Collection<Portlet> portlets)
482 throws PortalException, SystemException {
483
484 for (Portlet portlet : portlets) {
485 if (hasControlPanelAccessPermission(
486 permissionChecker, groupId, portlet)) {
487
488 return true;
489 }
490 }
491
492 return false;
493 }
494
495 @Override
496 public boolean hasControlPanelAccessPermission(
497 PermissionChecker permissionChecker, long scopeGroupId,
498 Portlet portlet)
499 throws PortalException, SystemException {
500
501 Group group = GroupLocalServiceUtil.getGroup(scopeGroupId);
502
503 ControlPanelEntry controlPanelEntry =
504 portlet.getControlPanelEntryInstance();
505
506 try {
507 return controlPanelEntry.hasAccessPermission(
508 permissionChecker, group, portlet);
509 }
510 catch (Exception e) {
511 if (_log.isWarnEnabled()) {
512 _log.warn("Cannot process control panel access permission", e);
513 }
514
515 return false;
516 }
517 }
518
519 @Override
520 public boolean hasControlPanelAccessPermission(
521 PermissionChecker permissionChecker, long scopeGroupId,
522 String portletId)
523 throws PortalException, SystemException {
524
525 Portlet portlet = PortletLocalServiceUtil.getPortletById(portletId);
526
527 return hasControlPanelAccessPermission(
528 permissionChecker, scopeGroupId, portlet);
529 }
530
531 @Override
532 public boolean hasLayoutManagerPermission(
533 String portletId, String actionId) {
534
535 try {
536 portletId = PortletConstants.getRootPortletId(portletId);
537
538 List<String> layoutManagerActions =
539 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
540 portletId);
541
542 return layoutManagerActions.contains(actionId);
543 }
544 catch (Exception e) {
545 _log.error(e, e);
546
547 return false;
548 }
549 }
550
551 protected boolean hasConfigurePermission(
552 PermissionChecker permissionChecker, Layout layout,
553 String portletId, String actionId)
554 throws PortalException, SystemException {
555
556 if (!actionId.equals(ActionKeys.CONFIGURATION) &&
557 !actionId.equals(ActionKeys.PREFERENCES) &&
558 !actionId.equals(ActionKeys.GUEST_PREFERENCES)) {
559
560 return false;
561 }
562
563 Portlet portlet = PortletLocalServiceUtil.getPortletById(
564 layout.getCompanyId(), portletId);
565
566 if (portlet.isPreferencesUniquePerLayout()) {
567 return LayoutPermissionUtil.contains(
568 permissionChecker, layout, ActionKeys.CONFIGURE_PORTLETS);
569 }
570
571 return GroupPermissionUtil.contains(
572 permissionChecker, layout.getGroupId(),
573 ActionKeys.CONFIGURE_PORTLETS);
574 }
575
576 protected boolean hasCustomizePermission(
577 PermissionChecker permissionChecker, Layout layout,
578 String portletId, String actionId)
579 throws PortalException, SystemException {
580
581 LayoutTypePortlet layoutTypePortlet =
582 (LayoutTypePortlet)layout.getLayoutType();
583
584 if (layoutTypePortlet.isCustomizedView() &&
585 layoutTypePortlet.isPortletCustomizable(portletId) &&
586 LayoutPermissionUtil.contains(
587 permissionChecker, layout, ActionKeys.CUSTOMIZE)) {
588
589 if (actionId.equals(ActionKeys.VIEW)) {
590 return true;
591 }
592 else if (actionId.equals(ActionKeys.CONFIGURATION)) {
593 Portlet portlet = PortletLocalServiceUtil.getPortletById(
594 layout.getCompanyId(), portletId);
595
596 if (portlet.isPreferencesUniquePerLayout()) {
597 return true;
598 }
599 }
600 }
601
602 return false;
603 }
604
605 private static Log _log = LogFactoryUtil.getLog(
606 PortletPermissionImpl.class);
607
608 }