1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
12   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
14   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
15   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
16   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
17   * SOFTWARE.
18   */
19  
20  package com.liferay.portal.service.permission;
21  
22  import com.liferay.portal.NoSuchResourceException;
23  import com.liferay.portal.PortalException;
24  import com.liferay.portal.SystemException;
25  import com.liferay.portal.model.Group;
26  import com.liferay.portal.model.Layout;
27  import com.liferay.portal.model.LayoutConstants;
28  import com.liferay.portal.model.ResourceConstants;
29  import com.liferay.portal.security.auth.PrincipalException;
30  import com.liferay.portal.security.permission.ActionKeys;
31  import com.liferay.portal.security.permission.PermissionChecker;
32  import com.liferay.portal.service.GroupLocalServiceUtil;
33  import com.liferay.portal.service.LayoutLocalServiceUtil;
34  import com.liferay.portal.service.ResourceLocalServiceUtil;
35  import com.liferay.portal.util.PropsValues;
36  
37  /**
38   * <a href="LayoutPermissionImpl.java.html"><b><i>View Source</i></b></a>
39   *
40   * @author Charles May
41   * @author Brian Wing Shun Chan
42   *
43   */
44  public class LayoutPermissionImpl implements LayoutPermission {
45  
46      public void check(
47              PermissionChecker permissionChecker, long plid, String actionId)
48          throws PortalException, SystemException {
49  
50          if (!contains(permissionChecker, plid, actionId)) {
51              throw new PrincipalException();
52          }
53      }
54  
55      public void check(
56              PermissionChecker permissionChecker, long groupId,
57              boolean privateLayout, long layoutId, String actionId)
58          throws PortalException, SystemException {
59  
60          if (!contains(
61                  permissionChecker, groupId, privateLayout, layoutId,
62                  actionId)) {
63  
64              throw new PrincipalException();
65          }
66      }
67  
68      public void check(
69              PermissionChecker permissionChecker, Layout layout, String actionId)
70          throws PortalException, SystemException {
71  
72          if (!contains(permissionChecker, layout, actionId)) {
73              throw new PrincipalException();
74          }
75      }
76  
77      public boolean contains(
78              PermissionChecker permissionChecker, long plid, String actionId)
79          throws PortalException, SystemException {
80  
81          Layout layout = LayoutLocalServiceUtil.getLayout(plid);
82  
83          return contains(permissionChecker, layout, actionId);
84      }
85  
86      public boolean contains(
87              PermissionChecker permissionChecker, long groupId,
88              boolean privateLayout, long layoutId, String actionId)
89          throws PortalException, SystemException {
90  
91          if (layoutId == LayoutConstants.DEFAULT_PARENT_LAYOUT_ID) {
92              if (GroupPermissionUtil.contains(
93                      permissionChecker, groupId, ActionKeys.MANAGE_LAYOUTS)) {
94  
95                  return true;
96              }
97              else {
98                  return false;
99              }
100         }
101         else {
102             Layout layout = LayoutLocalServiceUtil.getLayout(
103                 groupId, privateLayout, layoutId);
104 
105             return contains(permissionChecker, layout, actionId);
106         }
107     }
108 
109     public boolean contains(
110             PermissionChecker permissionChecker, Layout layout, String actionId)
111         throws PortalException, SystemException {
112 
113         if ((layout.isPrivateLayout() &&
114              !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
115             (layout.isPublicLayout() &&
116              !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
117 
118             if (actionId.equals(ActionKeys.UPDATE)) {
119                 Group group = GroupLocalServiceUtil.getGroup(
120                     layout.getGroupId());
121 
122                 if (group.isUser()) {
123                     return false;
124                 }
125             }
126         }
127 
128         if (GroupPermissionUtil.contains(
129                 permissionChecker, layout.getGroupId(),
130                 ActionKeys.MANAGE_LAYOUTS)) {
131 
132             return true;
133         }
134 
135         try {
136             ResourceLocalServiceUtil.getResource(
137                 layout.getCompanyId(), Layout.class.getName(),
138                 ResourceConstants.SCOPE_INDIVIDUAL,
139                 String.valueOf(layout.getPlid()));
140         }
141         catch (NoSuchResourceException nsre) {
142             boolean addCommunityPermission = true;
143             boolean addGuestPermission = true;
144 
145             if (layout.isPrivateLayout()) {
146                 addGuestPermission = false;
147             }
148 
149             ResourceLocalServiceUtil.addResources(
150                 layout.getCompanyId(), layout.getGroupId(), 0,
151                 Layout.class.getName(), layout.getPlid(), false,
152                 addCommunityPermission, addGuestPermission);
153         }
154 
155         return permissionChecker.hasPermission(
156             layout.getGroupId(), Layout.class.getName(), layout.getPlid(),
157             actionId);
158     }
159 
160 }