001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.util.bridges.alloy;
016    
017    import com.liferay.portal.NoSuchResourceActionException;
018    import com.liferay.portal.kernel.exception.PortalException;
019    import com.liferay.portal.kernel.util.StringPool;
020    import com.liferay.portal.kernel.util.StringUtil;
021    import com.liferay.portal.security.auth.PrincipalException;
022    import com.liferay.portal.security.permission.PermissionChecker;
023    import com.liferay.portal.security.permission.ResourceActionsUtil;
024    import com.liferay.portal.theme.PortletDisplay;
025    import com.liferay.portal.theme.ThemeDisplay;
026    
027    /**
028     * @author Ethan Bustad
029     */
030    public class AlloyPermission {
031    
032            public static void check(
033                            PermissionChecker permissionChecker, long groupId, String portletId,
034                            String controller, String actionId)
035                    throws PortalException {
036    
037                    if (!contains(
038                                    permissionChecker, groupId, portletId, controller, actionId)) {
039    
040                            throw new PrincipalException();
041                    }
042            }
043    
044            public static void check(
045                            ThemeDisplay themeDisplay, String controller, String actionId)
046                    throws PortalException {
047    
048                    if (!contains(themeDisplay, controller, actionId)) {
049                            throw new PrincipalException();
050                    }
051            }
052    
053            public static boolean contains(
054                    PermissionChecker permissionChecker, long groupId, String portletId,
055                    String controller, String actionId) {
056    
057                    actionId =
058                            StringUtil.toUpperCase(actionId) + StringPool.UNDERLINE +
059                                    StringUtil.toUpperCase(controller);
060    
061                    try {
062                            ResourceActionsUtil.checkAction(portletId, actionId);
063                    }
064                    catch (NoSuchResourceActionException e) {
065                            return true;
066                    }
067    
068                    return permissionChecker.hasPermission(
069                            groupId, portletId, groupId, actionId);
070            }
071    
072            public static boolean contains(
073                    ThemeDisplay themeDisplay, String controller, String actionId) {
074    
075                    PortletDisplay portletDisplay = themeDisplay.getPortletDisplay();
076    
077                    return contains(
078                            themeDisplay.getPermissionChecker(), themeDisplay.getScopeGroupId(),
079                            portletDisplay.getRootPortletId(), controller, actionId);
080            }
081    
082    }