001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.portletconfiguration.action;
016    
017    import com.liferay.portal.kernel.servlet.SessionErrors;
018    import com.liferay.portal.kernel.util.Constants;
019    import com.liferay.portal.kernel.util.GetterUtil;
020    import com.liferay.portal.kernel.util.ParamUtil;
021    import com.liferay.portal.kernel.util.StringUtil;
022    import com.liferay.portal.kernel.util.Validator;
023    import com.liferay.portal.model.Layout;
024    import com.liferay.portal.model.Organization;
025    import com.liferay.portal.model.Portlet;
026    import com.liferay.portal.model.PortletConstants;
027    import com.liferay.portal.model.Resource;
028    import com.liferay.portal.model.UserGroup;
029    import com.liferay.portal.security.auth.PrincipalException;
030    import com.liferay.portal.security.permission.PermissionPropagator;
031    import com.liferay.portal.service.LayoutLocalServiceUtil;
032    import com.liferay.portal.service.PermissionServiceUtil;
033    import com.liferay.portal.service.PortletLocalServiceUtil;
034    import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
035    import com.liferay.portal.service.ResourceBlockServiceUtil;
036    import com.liferay.portal.service.ResourceLocalServiceUtil;
037    import com.liferay.portal.service.ResourcePermissionServiceUtil;
038    import com.liferay.portal.servlet.filters.cache.CacheUtil;
039    import com.liferay.portal.struts.PortletAction;
040    import com.liferay.portal.theme.ThemeDisplay;
041    import com.liferay.portal.util.PropsValues;
042    import com.liferay.portal.util.WebKeys;
043    
044    import java.util.ArrayList;
045    import java.util.Date;
046    import java.util.Enumeration;
047    import java.util.HashMap;
048    import java.util.List;
049    import java.util.Map;
050    
051    import javax.portlet.ActionRequest;
052    import javax.portlet.ActionResponse;
053    import javax.portlet.PortletConfig;
054    import javax.portlet.RenderRequest;
055    import javax.portlet.RenderResponse;
056    
057    import org.apache.struts.action.ActionForm;
058    import org.apache.struts.action.ActionForward;
059    import org.apache.struts.action.ActionMapping;
060    
061    /**
062     * @author Brian Wing Shun Chan
063     * @author Connor McKay
064     */
065    public class EditPermissionsAction extends PortletAction {
066    
067            @Override
068            public void processAction(
069                            ActionMapping actionMapping, ActionForm actionForm,
070                            PortletConfig portletConfig, ActionRequest actionRequest,
071                            ActionResponse actionResponse)
072                    throws Exception {
073    
074                    actionRequest = ActionUtil.getWrappedActionRequest(actionRequest, null);
075    
076                    String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
077    
078                    try {
079                            if (cmd.equals("group_permissions")) {
080                                    updateGroupPermissions(actionRequest);
081                            }
082                            else if (cmd.equals("guest_permissions")) {
083                                    updateGuestPermissions(actionRequest);
084                            }
085                            else if (cmd.equals("organization_permissions")) {
086                                    updateOrganizationPermissions(actionRequest);
087                            }
088                            else if (cmd.equals("role_permissions")) {
089                                    updateRolePermissions(actionRequest);
090                            }
091                            else if (cmd.equals("user_group_permissions")) {
092                                    updateUserGroupPermissions(actionRequest);
093                            }
094                            else if (cmd.equals("user_permissions")) {
095                                    updateUserPermissions(actionRequest);
096                            }
097    
098                            if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 5) {
099                                    String redirect = ParamUtil.getString(
100                                            actionRequest, "permissionsRedirect");
101    
102                                    sendRedirect(actionRequest, actionResponse, redirect);
103                            }
104                            else {
105                                    addSuccessMessage(actionRequest, actionResponse);
106                            }
107                    }
108                    catch (Exception e) {
109                            if (e instanceof PrincipalException) {
110                                    SessionErrors.add(actionRequest, e.getClass());
111    
112                                    setForward(
113                                            actionRequest, "portlet.portlet_configuration.error");
114                            }
115                            else {
116                                    throw e;
117                            }
118                    }
119            }
120    
121            @Override
122            public ActionForward render(
123                            ActionMapping actionMapping, ActionForm actionForm,
124                            PortletConfig portletConfig, RenderRequest renderRequest,
125                            RenderResponse renderResponse)
126                    throws Exception {
127    
128                    renderRequest = ActionUtil.getWrappedRenderRequest(renderRequest, null);
129    
130                    ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
131                            WebKeys.THEME_DISPLAY);
132    
133                    long groupId = themeDisplay.getScopeGroupId();
134    
135                    String portletResource = ParamUtil.getString(
136                            renderRequest, "portletResource");
137                    String modelResource = ParamUtil.getString(
138                            renderRequest, "modelResource");
139                    String resourcePrimKey = ParamUtil.getString(
140                            renderRequest, "resourcePrimKey");
141    
142                    String selResource = portletResource;
143    
144                    if (Validator.isNotNull(modelResource)) {
145                            selResource = modelResource;
146                    }
147    
148                    try {
149                            PermissionServiceUtil.checkPermission(
150                                    groupId, selResource, resourcePrimKey);
151                    }
152                    catch (PrincipalException pe) {
153                            SessionErrors.add(
154                                    renderRequest, PrincipalException.class.getName());
155    
156                            setForward(renderRequest, "portlet.portlet_configuration.error");
157                    }
158    
159                    Portlet portlet = PortletLocalServiceUtil.getPortletById(
160                            themeDisplay.getCompanyId(), portletResource);
161    
162                    if (portlet != null) {
163                            renderResponse.setTitle(
164                                    ActionUtil.getTitle(portlet, renderRequest));
165                    }
166    
167                    return actionMapping.findForward(
168                            getForward(
169                                    renderRequest,
170                                    "portlet.portlet_configuration.edit_permissions"));
171            }
172    
173            protected String[] getActionIds(
174                    ActionRequest actionRequest, long roleId, boolean includePreselected) {
175    
176                    List<String> actionIds = getActionIdsList(
177                            actionRequest, roleId, includePreselected);
178    
179                    return actionIds.toArray(new String[actionIds.size()]);
180            }
181    
182            protected List<String> getActionIdsList(
183                    ActionRequest actionRequest, long roleId, boolean includePreselected) {
184    
185                    List<String> actionIds = new ArrayList<String>();
186    
187                    Enumeration<String> enu = actionRequest.getParameterNames();
188    
189                    while (enu.hasMoreElements()) {
190                            String name = enu.nextElement();
191    
192                            if (name.startsWith(roleId + "_ACTION_")) {
193                                    int pos = name.indexOf("_ACTION_");
194    
195                                    String actionId = name.substring(pos + 8);
196    
197                                    actionIds.add(actionId);
198                            }
199                            else if (includePreselected &&
200                                             name.startsWith(roleId + "_PRESELECTED_")) {
201    
202                                    int pos = name.indexOf("_PRESELECTED_");
203    
204                                    String actionId = name.substring(pos + 13);
205    
206                                    actionIds.add(actionId);
207                            }
208                    }
209    
210                    return actionIds;
211            }
212    
213            protected void updateGroupPermissions(ActionRequest actionRequest)
214                    throws Exception {
215    
216                    Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
217    
218                    long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
219                    long groupId = ParamUtil.getLong(actionRequest, "groupId");
220                    String[] actionIds = StringUtil.split(
221                            ParamUtil.getString(actionRequest, "groupIdActionIds"));
222    
223                    PermissionServiceUtil.setGroupPermissions(
224                            groupId, actionIds, resourceId);
225    
226                    if (!layout.isPrivateLayout()) {
227                            Resource resource = ResourceLocalServiceUtil.getResource(
228                                    resourceId);
229    
230                            if (resource.getPrimKey().startsWith(
231                                            layout.getPlid() + PortletConstants.LAYOUT_SEPARATOR)) {
232    
233                                    CacheUtil.clearCache(layout.getCompanyId());
234                            }
235                    }
236            }
237    
238            protected void updateGuestPermissions(ActionRequest actionRequest)
239                    throws Exception {
240    
241                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
242                            WebKeys.THEME_DISPLAY);
243    
244                    long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
245                    String[] actionIds = StringUtil.split(
246                            ParamUtil.getString(actionRequest, "guestActionIds"));
247    
248                    PermissionServiceUtil.setUserPermissions(
249                            themeDisplay.getDefaultUserId(), themeDisplay.getScopeGroupId(),
250                            actionIds, resourceId);
251            }
252    
253            protected void updateOrganizationPermissions(ActionRequest actionRequest)
254                    throws Exception {
255    
256                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
257                            WebKeys.THEME_DISPLAY);
258    
259                    long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
260                    long organizationId = ParamUtil.getLong(
261                            actionRequest, "organizationIdsPosValue");
262                    String[] actionIds = StringUtil.split(
263                            ParamUtil.getString(actionRequest, "organizationIdActionIds"));
264                    //boolean organizationIntersection = ParamUtil.getBoolean(
265                    //        actionRequest, "organizationIntersection");
266    
267                    //if (!organizationIntersection) {
268                            PermissionServiceUtil.setGroupPermissions(
269                                    Organization.class.getName(), String.valueOf(organizationId),
270                                    themeDisplay.getScopeGroupId(), actionIds, resourceId);
271                    /*}
272                    else {
273                            PermissionServiceUtil.setOrgGroupPermissions(
274                                    organizationId, layout.getGroupId(), actionIds, resourceId);
275                    }*/
276            }
277    
278            protected void updateRolePermissions(ActionRequest actionRequest)
279                    throws Exception {
280    
281                    if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
282                            updateRolePermissions_5(actionRequest);
283                    }
284                    else if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
285                            updateRolePermissions_6(actionRequest);
286                    }
287                    else {
288                            updateRolePermissions_1to4(actionRequest);
289                    }
290            }
291    
292            protected void updateRolePermissions_1to4(ActionRequest actionRequest)
293                    throws Exception {
294    
295                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
296                            WebKeys.THEME_DISPLAY);
297    
298                    long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
299                    long roleId = ParamUtil.getLong(actionRequest, "roleIdsPosValue");
300                    String[] actionIds = StringUtil.split(
301                            ParamUtil.getString(actionRequest, "roleIdActionIds"));
302    
303                    PermissionServiceUtil.setRolePermissions(
304                            roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
305            }
306    
307            protected void updateRolePermissions_5(ActionRequest actionRequest)
308                    throws Exception {
309    
310                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
311                            WebKeys.THEME_DISPLAY);
312    
313                    long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
314    
315                    Map<Long, String[]> roleIdsToActionIds = new HashMap<Long, String[]>();
316    
317                    long[] roleIds = StringUtil.split(
318                            ParamUtil.getString(
319                                    actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
320    
321                    for (long roleId : roleIds) {
322                            String[] actionIds = getActionIds(actionRequest, roleId, false);
323    
324                            roleIdsToActionIds.put(roleId, actionIds);
325                    }
326    
327                    PermissionServiceUtil.setIndividualPermissions(
328                            themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(),
329                            roleIdsToActionIds, resourceId);
330            }
331    
332            protected void updateRolePermissions_6(ActionRequest actionRequest)
333                    throws Exception {
334    
335                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
336                            WebKeys.THEME_DISPLAY);
337    
338                    String portletResource = ParamUtil.getString(
339                            actionRequest, "portletResource");
340                    String modelResource = ParamUtil.getString(
341                            actionRequest, "modelResource");
342                    long[] roleIds = StringUtil.split(
343                            ParamUtil.getString(
344                                    actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
345    
346                    String selResource = PortletConstants.getRootPortletId(portletResource);
347    
348                    if (Validator.isNotNull(modelResource)) {
349                            selResource = modelResource;
350                    }
351    
352                    long resourceGroupId = ParamUtil.getLong(
353                            actionRequest, "resourceGroupId", themeDisplay.getScopeGroupId());
354                    String resourcePrimKey = ParamUtil.getString(
355                            actionRequest, "resourcePrimKey");
356    
357                    Map<Long, String[]> roleIdsToActionIds = new HashMap<Long, String[]>();
358    
359                    if (ResourceBlockLocalServiceUtil.isSupported(selResource)) {
360                            for (long roleId : roleIds) {
361                                    List<String> actionIds = getActionIdsList(
362                                            actionRequest, roleId, true);
363    
364                                    roleIdsToActionIds.put(
365                                            roleId, actionIds.toArray(new String[actionIds.size()]));
366                            }
367    
368                            ResourceBlockServiceUtil.setIndividualScopePermissions(
369                                    themeDisplay.getCompanyId(), resourceGroupId, selResource,
370                                    GetterUtil.getLong(resourcePrimKey), roleIdsToActionIds);
371                    }
372                    else {
373                            for (long roleId : roleIds) {
374                                    String[] actionIds = getActionIds(actionRequest, roleId, false);
375    
376                                    roleIdsToActionIds.put(roleId, actionIds);
377                            }
378    
379                            ResourcePermissionServiceUtil.setIndividualResourcePermissions(
380                                    resourceGroupId, themeDisplay.getCompanyId(), selResource,
381                                    resourcePrimKey, roleIdsToActionIds);
382                    }
383    
384                    int pos = resourcePrimKey.indexOf(PortletConstants.LAYOUT_SEPARATOR);
385    
386                    if (pos != -1) {
387                            long plid = GetterUtil.getLong(resourcePrimKey.substring(0, pos));
388    
389                            Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
390    
391                            if (layout != null) {
392                                    layout.setModifiedDate(new Date());
393    
394                                    LayoutLocalServiceUtil.updateLayout(layout);
395    
396                                    CacheUtil.clearCache(layout.getCompanyId());
397                            }
398                    }
399    
400                    if (PropsValues.PERMISSIONS_PROPAGATION_ENABLED) {
401                            Portlet portlet = PortletLocalServiceUtil.getPortletById(
402                                    themeDisplay.getCompanyId(), portletResource);
403    
404                            PermissionPropagator permissionPropagator =
405                                    portlet.getPermissionPropagatorInstance();
406    
407                            if (permissionPropagator != null) {
408                                    permissionPropagator.propagateRolePermissions(
409                                            actionRequest, modelResource, resourcePrimKey, roleIds);
410                            }
411                    }
412            }
413    
414            protected void updateUserGroupPermissions(ActionRequest actionRequest)
415                    throws Exception {
416    
417                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
418                            WebKeys.THEME_DISPLAY);
419    
420                    long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
421                    long userGroupId = ParamUtil.getLong(
422                            actionRequest, "userGroupIdsPosValue");
423                    String[] actionIds = StringUtil.split(
424                            ParamUtil.getString(actionRequest, "userGroupIdActionIds"));
425    
426                    PermissionServiceUtil.setGroupPermissions(
427                            UserGroup.class.getName(), String.valueOf(userGroupId),
428                            themeDisplay.getScopeGroupId(), actionIds, resourceId);
429            }
430    
431            protected void updateUserPermissions(ActionRequest actionRequest)
432                    throws Exception {
433    
434                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
435                            WebKeys.THEME_DISPLAY);
436    
437                    long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
438                    long userId = ParamUtil.getLong(actionRequest, "userIdsPosValue");
439                    String[] actionIds = StringUtil.split(
440                            ParamUtil.getString(actionRequest, "userIdActionIds"));
441    
442                    PermissionServiceUtil.setUserPermissions(
443                            userId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
444            }
445    
446    }