001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.kernel.util.StringPool;
020    import com.liferay.portal.model.Group;
021    import com.liferay.portal.model.LayoutConstants;
022    import com.liferay.portal.model.Portlet;
023    import com.liferay.portal.security.permission.ActionKeys;
024    import com.liferay.portal.security.permission.PermissionChecker;
025    import com.liferay.portal.security.permission.ResourceActionsUtil;
026    import com.liferay.portal.service.permission.PortletPermissionUtil;
027    import com.liferay.portal.theme.ThemeDisplay;
028    import com.liferay.portal.util.PortletCategoryKeys;
029    
030    import java.util.List;
031    
032    /**
033     * @author Jorge Ferrer
034     */
035    public abstract class BaseControlPanelEntry implements ControlPanelEntry {
036    
037            @Override
038            public boolean hasAccessPermission(
039                            PermissionChecker permissionChecker, Group group, Portlet portlet)
040                    throws Exception {
041    
042                    if (hasAccessPermissionDenied(permissionChecker, group, portlet)) {
043                            return false;
044                    }
045    
046                    if (hasAccessPermissionExplicitlyGranted(
047                                    permissionChecker, group, portlet)) {
048    
049                            return true;
050                    }
051    
052                    return hasPermissionImplicitlyGranted(
053                            permissionChecker, group, portlet);
054            }
055    
056            /**
057             * @deprecated As of 6.2.0, with no direct replacement.<p>This method was
058             *             originally defined to determine if a portlet should be
059             *             displayed in the Control Panel. In this version, this method
060             *             should always return <code>false</code> and remains only to
061             *             preserve binary compatibility. This method will be
062             *             permanently removed in a future version.</p><p>In lieu of
063             *             this method, the Control Panel now uses {@link
064             *             #hasAccessPermission} to determine if a portlet should be
065             *             displayed in the Control Panel.</p>
066             */
067            @Override
068            public boolean isVisible(
069                            PermissionChecker permissionChecker, Portlet portlet)
070                    throws Exception {
071    
072                    return false;
073            }
074    
075            /**
076             * @deprecated As of 6.2.0, with no direct replacement.<p>This method was
077             *             originally defined to determine if a portlet should be
078             *             displayed in the Control Panel. In this version, this method
079             *             should always return <code>false</code> and remains only to
080             *             preserve binary compatibility. This method will be
081             *             permanently removed in a future version.</p><p>In lieu of
082             *             this method, the Control Panel now uses {@link
083             *             #hasAccessPermission} to determine if a portlet should be
084             *             displayed in the Control Panel.</p>
085             */
086            @Override
087            public boolean isVisible(
088                            Portlet portlet, String category, ThemeDisplay themeDisplay)
089                    throws Exception {
090    
091                    return false;
092            }
093    
094            protected long getDefaultPlid(Group group, String category) {
095                    long plid = LayoutConstants.DEFAULT_PLID;
096    
097                    if (category.startsWith(PortletCategoryKeys.SITE_ADMINISTRATION)) {
098                            plid = group.getDefaultPublicPlid();
099    
100                            if (plid == LayoutConstants.DEFAULT_PLID) {
101                                    plid = group.getDefaultPrivatePlid();
102                            }
103                    }
104    
105                    return plid;
106            }
107    
108            protected boolean hasAccessPermissionDenied(
109                            PermissionChecker permissionChecker, Group group, Portlet portlet)
110                    throws Exception {
111    
112                    String category = portlet.getControlPanelEntryCategory();
113    
114                    if (category.equals(PortletCategoryKeys.SITE_ADMINISTRATION_CONTENT) &&
115                            group.isLayout() && !portlet.isScopeable()) {
116    
117                            return true;
118                    }
119    
120                    return false;
121            }
122    
123            protected boolean hasAccessPermissionExplicitlyGranted(
124                            PermissionChecker permissionChecker, Group group, Portlet portlet)
125                    throws PortalException, SystemException {
126    
127                    if (permissionChecker.isCompanyAdmin()) {
128                            return true;
129                    }
130    
131                    String category = portlet.getControlPanelEntryCategory();
132    
133                    if (category == null) {
134                            category = StringPool.BLANK;
135                    }
136    
137                    if (category.startsWith(PortletCategoryKeys.SITE_ADMINISTRATION)) {
138                            if (permissionChecker.isGroupAdmin(group.getGroupId()) &&
139                                    !group.isUser()) {
140    
141                                    return true;
142                            }
143                    }
144    
145                    long groupId = group.getGroupId();
146    
147                    if (category.equals(PortletCategoryKeys.APPS) ||
148                            category.equals(PortletCategoryKeys.CONFIGURATION) ||
149                            category.equals(PortletCategoryKeys.SITES) ||
150                            category.equals(PortletCategoryKeys.USERS)) {
151    
152                            groupId = 0;
153                    }
154    
155                    List<String> actions = ResourceActionsUtil.getResourceActions(
156                            portlet.getPortletId());
157    
158                    if (actions.contains(ActionKeys.ACCESS_IN_CONTROL_PANEL) &&
159                            PortletPermissionUtil.contains(
160                                    permissionChecker, groupId, 0, portlet.getRootPortletId(),
161                                    ActionKeys.ACCESS_IN_CONTROL_PANEL, true)) {
162    
163                            return true;
164                    }
165    
166                    return false;
167            }
168    
169            protected boolean hasPermissionImplicitlyGranted(
170                            PermissionChecker permissionChecker, Group group, Portlet portlet)
171                    throws Exception {
172    
173                    return false;
174            }
175    
176    }