1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
12   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
14   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
15   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
16   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
17   * SOFTWARE.
18   */
19  
20  package com.liferay.portal.service.impl;
21  
22  import com.liferay.portal.NoSuchResourceException;
23  import com.liferay.portal.PortalException;
24  import com.liferay.portal.ResourceActionsException;
25  import com.liferay.portal.SystemException;
26  import com.liferay.portal.kernel.log.Log;
27  import com.liferay.portal.kernel.log.LogFactoryUtil;
28  import com.liferay.portal.model.Group;
29  import com.liferay.portal.model.GroupConstants;
30  import com.liferay.portal.model.Permission;
31  import com.liferay.portal.model.Resource;
32  import com.liferay.portal.model.ResourceCode;
33  import com.liferay.portal.model.ResourceConstants;
34  import com.liferay.portal.model.Role;
35  import com.liferay.portal.model.RoleConstants;
36  import com.liferay.portal.security.permission.PermissionsListFilter;
37  import com.liferay.portal.security.permission.PermissionsListFilterFactory;
38  import com.liferay.portal.security.permission.ResourceActionsUtil;
39  import com.liferay.portal.service.base.ResourceLocalServiceBaseImpl;
40  import com.liferay.portal.util.PropsValues;
41  import com.liferay.portal.util.comparator.ResourceComparator;
42  
43  import java.util.List;
44  
45  import org.apache.commons.lang.time.StopWatch;
46  
47  /**
48   * <a href="ResourceLocalServiceImpl.java.html"><b><i>View Source</i></b></a>
49   *
50   * @author Brian Wing Shun Chan
51   * @author Wilson S. Man
52   * @author Raymond Augé
53   *
54   */
55  public class ResourceLocalServiceImpl extends ResourceLocalServiceBaseImpl {
56  
57      public void addModelResources(
58              long companyId, long groupId, long userId, String name,
59              long primKey, String[] communityPermissions,
60              String[] guestPermissions)
61          throws PortalException, SystemException {
62  
63          addModelResources(
64              companyId, groupId, userId, name, String.valueOf(primKey),
65              communityPermissions, guestPermissions);
66      }
67  
68      public void addModelResources(
69              long companyId, long groupId, long userId, String name,
70              String primKey, String[] communityPermissions,
71              String[] guestPermissions)
72          throws PortalException, SystemException {
73  
74          validate(companyId, name, false);
75  
76          // Company
77  
78          addResource(
79              companyId, name, ResourceConstants.SCOPE_COMPANY,
80              String.valueOf(companyId));
81  
82          // Guest
83  
84          Group guestGroup = groupLocalService.getGroup(
85              companyId, GroupConstants.GUEST);
86  
87          addResource(
88              companyId, name, ResourceConstants.SCOPE_GROUP,
89              String.valueOf(guestGroup.getGroupId()));
90  
91          // Group
92  
93          if ((groupId > 0) && (guestGroup.getGroupId() != groupId)) {
94              addResource(
95                  companyId, name, ResourceConstants.SCOPE_GROUP,
96                  String.valueOf(groupId));
97          }
98  
99          if (primKey != null) {
100 
101             // Individual
102 
103             Resource resource = addResource(
104                 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
105 
106             long defaultUserId = userLocalService.getDefaultUserId(
107                 companyId);
108 
109             PermissionsListFilter permissionsListFilter =
110                 PermissionsListFilterFactory.getInstance();
111 
112             // Permissions
113 
114             List<Permission> permissionsList =
115                 permissionLocalService.addPermissions(
116                     companyId, name, resource.getResourceId(), false);
117 
118             List<Permission> userPermissionsList =
119                 permissionsListFilter.filterUserPermissions(
120                     companyId, groupId, userId, name, primKey, false,
121                     permissionsList);
122 
123             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
124 
125                 // Owner permissions
126 
127                 Role ownerRole = roleLocalService.getRole(
128                     companyId, RoleConstants.OWNER);
129 
130                 rolePersistence.addPermissions(
131                     ownerRole.getRoleId(), userPermissionsList);
132             }
133             else {
134 
135                 // User permissions
136 
137                 if ((userId > 0) && (userId != defaultUserId)) {
138                     userPersistence.addPermissions(userId, userPermissionsList);
139                 }
140             }
141 
142             // Community permissions
143 
144             if (groupId > 0) {
145                 Group group = groupPersistence.findByPrimaryKey(groupId);
146 
147                 if (communityPermissions == null) {
148                     communityPermissions = new String[0];
149                 }
150 
151                 List<Permission> communityPermissionsList =
152                     permissionLocalService.getPermissions(
153                         companyId, communityPermissions,
154                         resource.getResourceId());
155 
156                 communityPermissionsList =
157                     permissionsListFilter.filterCommunityPermissions(
158                         companyId, groupId, userId, name, primKey, false,
159                         communityPermissionsList);
160 
161                 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
162                     Role role = null;
163 
164                     if (group.isCommunity()) {
165                         role = roleLocalService.getRole(
166                             companyId, RoleConstants.COMMUNITY_MEMBER);
167                     }
168                     else if (group.isOrganization()) {
169                         role = roleLocalService.getRole(
170                             companyId, RoleConstants.ORGANIZATION_MEMBER);
171                     }
172                     else if (group.isUser() || group.isUserGroup()) {
173                         role = roleLocalService.getRole(
174                             companyId, RoleConstants.POWER_USER);
175                     }
176 
177                     rolePersistence.addPermissions(
178                         role.getRoleId(), communityPermissionsList);
179                 }
180                 else {
181                     groupPersistence.addPermissions(
182                         groupId, communityPermissionsList);
183                 }
184             }
185 
186             // Guest permissions
187 
188             if (guestPermissions == null) {
189                 guestPermissions = new String[0];
190             }
191 
192             List<Permission> guestPermissionsList =
193                 permissionLocalService.getPermissions(
194                     companyId, guestPermissions, resource.getResourceId());
195 
196             guestPermissionsList = permissionsListFilter.filterGuestPermissions(
197                 companyId, groupId, userId, name, primKey, false,
198                 guestPermissionsList);
199 
200             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
201 
202                 // Guest permissions
203 
204                 Role guestRole = roleLocalService.getRole(
205                     companyId, RoleConstants.GUEST);
206 
207                 rolePersistence.addPermissions(
208                     guestRole.getRoleId(), guestPermissionsList);
209             }
210             else {
211                 userPersistence.addPermissions(
212                     defaultUserId, guestPermissionsList);
213             }
214         }
215     }
216 
217     public Resource addResource(
218             long companyId, String name, int scope, String primKey)
219         throws SystemException {
220 
221         ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
222             companyId, name, scope);
223 
224         Resource resource = resourcePersistence.fetchByC_P(
225             resourceCode.getCodeId(), primKey);
226 
227         if (resource == null) {
228             long resourceId = counterLocalService.increment(
229                 Resource.class.getName());
230 
231             resource = resourcePersistence.create(resourceId);
232 
233             resource.setCodeId(resourceCode.getCodeId());
234             resource.setPrimKey(primKey);
235 
236             resourcePersistence.update(resource, false);
237         }
238 
239         return resource;
240     }
241 
242     public void addResources(
243             long companyId, long groupId, String name, boolean portletActions)
244         throws PortalException, SystemException {
245 
246         addResources(
247             companyId, groupId, 0, name, null, portletActions, false, false);
248     }
249 
250     public void addResources(
251             long companyId, long groupId, long userId, String name,
252             long primKey, boolean portletActions,
253             boolean addCommunityPermissions, boolean addGuestPermissions)
254         throws PortalException, SystemException {
255 
256         addResources(
257             companyId, groupId, userId, name, String.valueOf(primKey),
258             portletActions, addCommunityPermissions, addGuestPermissions);
259     }
260 
261     public void addResources(
262             long companyId, long groupId, long userId, String name,
263             String primKey, boolean portletActions,
264             boolean addCommunityPermissions, boolean addGuestPermissions)
265         throws PortalException, SystemException {
266 
267         StopWatch stopWatch = null;
268 
269         if (_log.isDebugEnabled()) {
270             stopWatch = new StopWatch();
271 
272             stopWatch.start();
273         }
274 
275         validate(companyId, name, portletActions);
276 
277         logAddResources(name, primKey, stopWatch, 1);
278 
279         // Company
280 
281         addResource(
282             companyId, name, ResourceConstants.SCOPE_COMPANY,
283             String.valueOf(companyId));
284 
285         logAddResources(name, primKey, stopWatch, 2);
286 
287         if (groupId > 0) {
288             addResource(
289                 companyId, name, ResourceConstants.SCOPE_GROUP,
290                 String.valueOf(groupId));
291         }
292 
293         logAddResources(name, primKey, stopWatch, 3);
294 
295         if (primKey != null) {
296 
297             // Individual
298 
299             Resource resource = addResource(
300                 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
301 
302             logAddResources(name, primKey, stopWatch, 4);
303 
304             // Permissions
305 
306             List<Permission> permissionsList =
307                 permissionLocalService.addPermissions(
308                     companyId, name, resource.getResourceId(), portletActions);
309 
310             logAddResources(name, primKey, stopWatch, 5);
311 
312             PermissionsListFilter permissionsListFilter =
313                 PermissionsListFilterFactory.getInstance();
314 
315             List<Permission> userPermissionsList =
316                 permissionsListFilter.filterUserPermissions(
317                     companyId, groupId, userId, name, primKey,
318                     portletActions, permissionsList);
319 
320             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
321 
322                 // Owner permissions
323 
324                 Role ownerRole = roleLocalService.getRole(
325                     companyId, RoleConstants.OWNER);
326 
327                 rolePersistence.addPermissions(
328                     ownerRole.getRoleId(), userPermissionsList);
329             }
330             else {
331 
332                 // User permissions
333 
334                 long defaultUserId = userLocalService.getDefaultUserId(
335                     companyId);
336 
337                 if ((userId > 0) && (userId != defaultUserId)) {
338                     userPersistence.addPermissions(userId, userPermissionsList);
339                 }
340             }
341 
342             logAddResources(name, primKey, stopWatch, 6);
343 
344             // Community permissions
345 
346             if ((groupId > 0) && addCommunityPermissions) {
347                 addCommunityPermissions(
348                     companyId, groupId, userId, name, resource, portletActions);
349             }
350 
351             logAddResources(name, primKey, stopWatch, 7);
352 
353             // Guest permissions
354 
355             if (addGuestPermissions) {
356 
357                 // Don't add guest permissions when you've already added
358                 // community permissions and the given community is the guest
359                 // community.
360 
361                 addGuestPermissions(
362                     companyId, groupId, userId, name, resource, portletActions);
363             }
364 
365             logAddResources(name, primKey, stopWatch, 8);
366         }
367     }
368 
369     public void deleteResource(long resourceId) throws SystemException {
370         try {
371             Resource resource = resourcePersistence.findByPrimaryKey(
372                 resourceId);
373 
374             deleteResource(resource);
375         }
376         catch (NoSuchResourceException nsre) {
377             if (_log.isWarnEnabled()) {
378                 _log.warn(nsre);
379             }
380         }
381     }
382 
383     public void deleteResource(Resource resource) throws SystemException {
384 
385         // Permissions
386 
387         List<Permission> permissions = permissionPersistence.findByResourceId(
388             resource.getResourceId());
389 
390         for (Permission permission : permissions) {
391             orgGroupPermissionPersistence.removeByPermissionId(
392                 permission.getPermissionId());
393         }
394 
395         permissionPersistence.removeByResourceId(resource.getResourceId());
396 
397         // Resource
398 
399         resourcePersistence.remove(resource);
400     }
401 
402     public void deleteResource(
403             long companyId, String name, int scope, long primKey)
404         throws PortalException, SystemException {
405 
406         deleteResource(companyId, name, scope, String.valueOf(primKey));
407     }
408 
409     public void deleteResource(
410             long companyId, String name, int scope, String primKey)
411         throws PortalException, SystemException {
412 
413         try {
414             Resource resource = getResource(companyId, name, scope, primKey);
415 
416             deleteResource(resource.getResourceId());
417         }
418         catch (NoSuchResourceException nsre) {
419             if (_log.isWarnEnabled()) {
420                 _log.warn(nsre);
421             }
422         }
423     }
424 
425     public void deleteResources(String name) throws SystemException {
426         List<Resource> resources = resourceFinder.findByName(name);
427 
428         for (Resource resource : resources) {
429             deleteResource(resource);
430         }
431     }
432 
433     public long getLatestResourceId() throws SystemException {
434         List<Resource> resources = resourcePersistence.findAll(
435             0, 1, new ResourceComparator());
436 
437         if (resources.size() == 0) {
438             return 0;
439         }
440         else {
441             Resource resource = resources.get(0);
442 
443             return resource.getResourceId();
444         }
445     }
446 
447     public Resource getResource(long resourceId)
448         throws PortalException, SystemException {
449 
450         return resourcePersistence.findByPrimaryKey(resourceId);
451     }
452 
453     public List<Resource> getResources() throws SystemException {
454         return resourcePersistence.findAll();
455     }
456 
457     public Resource getResource(
458             long companyId, String name, int scope, String primKey)
459         throws PortalException, SystemException {
460 
461         ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
462             companyId, name, scope);
463 
464         return resourcePersistence.findByC_P(resourceCode.getCodeId(), primKey);
465     }
466 
467     protected void addCommunityPermissions(
468             long companyId, long groupId, long userId, String name,
469             Resource resource, boolean portletActions)
470         throws PortalException, SystemException {
471 
472         StopWatch stopWatch = null;
473 
474         if (_log.isDebugEnabled()) {
475             stopWatch = new StopWatch();
476 
477             stopWatch.start();
478         }
479 
480         Group group = groupPersistence.findByPrimaryKey(groupId);
481 
482         long resourceId = resource.getResourceId();
483         String primKey = resource.getPrimKey();
484 
485         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 1);
486 
487         List<String> actions = null;
488 
489         if (portletActions) {
490             actions =
491                 ResourceActionsUtil.getPortletResourceCommunityDefaultActions(
492                     name);
493         }
494         else {
495             actions =
496                 ResourceActionsUtil.getModelResourceCommunityDefaultActions(
497                     name);
498         }
499 
500         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 2);
501 
502         String[] actionIds = actions.toArray(new String[actions.size()]);
503 
504         List<Permission> communityPermissionsList =
505             permissionLocalService.getPermissions(
506                 group.getCompanyId(), actionIds, resourceId);
507 
508         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 3);
509 
510         PermissionsListFilter permissionsListFilter =
511             PermissionsListFilterFactory.getInstance();
512 
513         communityPermissionsList =
514             permissionsListFilter.filterCommunityPermissions(
515                 companyId, groupId, userId, name, primKey, portletActions,
516                 communityPermissionsList);
517 
518         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 4);
519 
520         if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
521             Role role = null;
522 
523             if (group.isCommunity()) {
524                 role = roleLocalService.getRole(
525                     companyId, RoleConstants.COMMUNITY_MEMBER);
526             }
527             else if (group.isOrganization()) {
528                 role = roleLocalService.getRole(
529                     companyId, RoleConstants.ORGANIZATION_MEMBER);
530             }
531             else if (group.isUser() || group.isUserGroup()) {
532                 role = roleLocalService.getRole(
533                     companyId, RoleConstants.POWER_USER);
534             }
535 
536             rolePersistence.addPermissions(
537                 role.getRoleId(), communityPermissionsList);
538         }
539         else {
540             groupPersistence.addPermissions(groupId, communityPermissionsList);
541         }
542 
543         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 5);
544     }
545 
546     protected void addGuestPermissions(
547             long companyId, long groupId, long userId, String name,
548             Resource resource, boolean portletActions)
549         throws PortalException, SystemException {
550 
551         List<String> actions = null;
552 
553         if (portletActions) {
554             actions = ResourceActionsUtil.getPortletResourceGuestDefaultActions(
555                 name);
556         }
557         else {
558             actions = ResourceActionsUtil.getModelResourceGuestDefaultActions(
559                 name);
560         }
561 
562         String[] actionIds = actions.toArray(new String[actions.size()]);
563 
564         List<Permission> guestPermissionsList =
565             permissionLocalService.getPermissions(
566                 companyId, actionIds, resource.getResourceId());
567 
568         PermissionsListFilter permissionsListFilter =
569             PermissionsListFilterFactory.getInstance();
570 
571         guestPermissionsList =
572             permissionsListFilter.filterGuestPermissions(
573                 companyId, groupId, userId, name, resource.getPrimKey(),
574                 portletActions, guestPermissionsList);
575 
576         if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
577             Role guestRole = roleLocalService.getRole(
578                 companyId, RoleConstants.GUEST);
579 
580             rolePersistence.addPermissions(
581                 guestRole.getRoleId(), guestPermissionsList);
582         }
583         else {
584             long defaultUserId = userLocalService.getDefaultUserId(companyId);
585 
586             userPersistence.addPermissions(defaultUserId, guestPermissionsList);
587         }
588     }
589 
590     protected void logAddCommunityPermissions(
591         long groupId, String name, long resourceId, StopWatch stopWatch,
592         int block) {
593 
594         if (!_log.isDebugEnabled()) {
595             return;
596         }
597 
598         _log.debug(
599             "Adding community permissions block " + block + " for " + groupId +
600                 " " + name + " " + resourceId + " takes " +
601                     stopWatch.getTime() + " ms");
602     }
603 
604     protected void logAddResources(
605         String name, String primKey, StopWatch stopWatch, int block) {
606 
607         if (!_log.isDebugEnabled()) {
608             return;
609         }
610 
611         _log.debug(
612             "Adding resources block " + block + " for " + name + " " + primKey +
613                 " takes " + stopWatch.getTime() + " ms");
614     }
615 
616     protected void validate(
617             long companyId, String name, boolean portletActions)
618         throws PortalException, SystemException {
619 
620         List<String> actions = null;
621 
622         if (portletActions) {
623             actions = ResourceActionsUtil.getPortletResourceActions(
624                 companyId, name);
625         }
626         else {
627             actions = ResourceActionsUtil.getModelResourceActions(name);
628         }
629 
630         if (actions.size() == 0) {
631             throw new ResourceActionsException(
632                 "There are no actions associated with the resource " + name);
633         }
634     }
635 
636     private static Log _log =
637          LogFactoryUtil.getLog(ResourceLocalServiceImpl.class);
638 
639 }