1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
12   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
14   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
15   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
16   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
17   * SOFTWARE.
18   */
19  
20  package com.liferay.portlet.portletconfiguration.action;
21  
22  import com.liferay.portal.kernel.servlet.SessionErrors;
23  import com.liferay.portal.kernel.util.Constants;
24  import com.liferay.portal.kernel.util.ParamUtil;
25  import com.liferay.portal.kernel.util.StringUtil;
26  import com.liferay.portal.kernel.util.Validator;
27  import com.liferay.portal.model.Layout;
28  import com.liferay.portal.model.Organization;
29  import com.liferay.portal.model.Portlet;
30  import com.liferay.portal.model.PortletConstants;
31  import com.liferay.portal.model.Resource;
32  import com.liferay.portal.model.UserGroup;
33  import com.liferay.portal.security.auth.PrincipalException;
34  import com.liferay.portal.service.PermissionServiceUtil;
35  import com.liferay.portal.service.PortletLocalServiceUtil;
36  import com.liferay.portal.service.ResourceLocalServiceUtil;
37  import com.liferay.portal.servlet.filters.cache.CacheUtil;
38  import com.liferay.portal.theme.ThemeDisplay;
39  import com.liferay.portal.util.WebKeys;
40  
41  import javax.portlet.ActionRequest;
42  import javax.portlet.ActionResponse;
43  import javax.portlet.PortletConfig;
44  import javax.portlet.RenderRequest;
45  import javax.portlet.RenderResponse;
46  
47  import org.apache.struts.action.ActionForm;
48  import org.apache.struts.action.ActionForward;
49  import org.apache.struts.action.ActionMapping;
50  
51  /**
52   * <a href="EditPermissionsAction.java.html"><b><i>View Source</i></b></a>
53   *
54   * @author Brian Wing Shun Chan
55   *
56   */
57  public class EditPermissionsAction extends EditConfigurationAction {
58  
59      public void processAction(
60              ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
61              ActionRequest actionRequest, ActionResponse actionResponse)
62          throws Exception {
63  
64          String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
65  
66          try {
67              if (cmd.equals("group_permissions")) {
68                  updateGroupPermissions(actionRequest);
69              }
70              else if (cmd.equals("guest_permissions")) {
71                  updateGuestPermissions(actionRequest);
72              }
73              else if (cmd.equals("organization_permissions")) {
74                  updateOrganizationPermissions(actionRequest);
75              }
76              else if (cmd.equals("role_permissions")) {
77                  updateRolePermissions(actionRequest);
78              }
79              else if (cmd.equals("user_group_permissions")) {
80                  updateUserGroupPermissions(actionRequest);
81              }
82              else if (cmd.equals("user_permissions")) {
83                  updateUserPermissions(actionRequest);
84              }
85  
86              String redirect = ParamUtil.getString(
87                  actionRequest, "permissionsRedirect");
88  
89              sendRedirect(actionRequest, actionResponse, redirect);
90          }
91          catch (Exception e) {
92              if (e instanceof PrincipalException) {
93                  SessionErrors.add(actionRequest, e.getClass().getName());
94  
95                  setForward(
96                      actionRequest, "portlet.portlet_configuration.error");
97              }
98              else {
99                  throw e;
100             }
101         }
102     }
103 
104     public ActionForward render(
105             ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
106             RenderRequest renderRequest, RenderResponse renderResponse)
107         throws Exception {
108 
109         ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
110             WebKeys.THEME_DISPLAY);
111 
112         long groupId = themeDisplay.getScopeGroupId();
113 
114         String portletResource = ParamUtil.getString(
115             renderRequest, "portletResource");
116         String modelResource = ParamUtil.getString(
117             renderRequest, "modelResource");
118         String resourcePrimKey = ParamUtil.getString(
119             renderRequest, "resourcePrimKey");
120 
121         String selResource = portletResource;
122 
123         if (Validator.isNotNull(modelResource)) {
124             selResource = modelResource;
125         }
126 
127         try {
128             PermissionServiceUtil.checkPermission(
129                 groupId, selResource, resourcePrimKey);
130         }
131         catch (PrincipalException pe) {
132             SessionErrors.add(
133                 renderRequest, PrincipalException.class.getName());
134 
135             setForward(renderRequest, "portlet.portlet_configuration.error");
136         }
137 
138         Portlet portlet = PortletLocalServiceUtil.getPortletById(
139             themeDisplay.getCompanyId(), portletResource);
140 
141         if (portlet != null) {
142             renderResponse.setTitle(getTitle(portlet, renderRequest));
143         }
144 
145         return mapping.findForward(getForward(
146             renderRequest, "portlet.portlet_configuration.edit_permissions"));
147     }
148 
149     protected void updateGroupPermissions(ActionRequest actionRequest)
150         throws Exception {
151 
152         Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
153 
154         long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
155         long groupId = ParamUtil.getLong(actionRequest, "groupId");
156         String[] actionIds = StringUtil.split(
157             ParamUtil.getString(actionRequest, "groupIdActionIds"));
158 
159         PermissionServiceUtil.setGroupPermissions(
160             groupId, actionIds, resourceId);
161 
162         if (!layout.isPrivateLayout()) {
163             Resource resource =
164                 ResourceLocalServiceUtil.getResource(resourceId);
165 
166             if (resource.getPrimKey().startsWith(
167                     layout.getPlid() + PortletConstants.LAYOUT_SEPARATOR)) {
168 
169                 CacheUtil.clearCache(layout.getCompanyId());
170             }
171         }
172     }
173 
174     protected void updateGuestPermissions(ActionRequest actionRequest)
175         throws Exception {
176 
177         ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
178             WebKeys.THEME_DISPLAY);
179 
180         long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
181         String[] actionIds = StringUtil.split(
182             ParamUtil.getString(actionRequest, "guestActionIds"));
183 
184         PermissionServiceUtil.setUserPermissions(
185             themeDisplay.getDefaultUserId(), themeDisplay.getScopeGroupId(),
186             actionIds, resourceId);
187     }
188 
189     protected void updateOrganizationPermissions(ActionRequest actionRequest)
190         throws Exception {
191 
192         Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
193 
194         long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
195         long organizationId = ParamUtil.getLong(
196             actionRequest, "organizationIdsPosValue");
197         String[] actionIds = StringUtil.split(
198             ParamUtil.getString(actionRequest, "organizationIdActionIds"));
199         //boolean organizationIntersection = ParamUtil.getBoolean(
200         //  actionRequest, "organizationIntersection");
201 
202         //if (!organizationIntersection) {
203             PermissionServiceUtil.setGroupPermissions(
204                 Organization.class.getName(), String.valueOf(organizationId),
205                 layout.getGroupId(), actionIds, resourceId);
206         /*}
207         else {
208             PermissionServiceUtil.setOrgGroupPermissions(
209                 organizationId, layout.getGroupId(), actionIds, resourceId);
210         }*/
211     }
212 
213     protected void updateRolePermissions(ActionRequest actionRequest)
214         throws Exception {
215 
216         ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
217             WebKeys.THEME_DISPLAY);
218 
219         long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
220         long roleId = ParamUtil.getLong(actionRequest, "roleIdsPosValue");
221         String[] actionIds = StringUtil.split(
222             ParamUtil.getString(actionRequest, "roleIdActionIds"));
223 
224         PermissionServiceUtil.setRolePermissions(
225             roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
226     }
227 
228     protected void updateUserGroupPermissions(ActionRequest actionRequest)
229         throws Exception {
230 
231         Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
232 
233         long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
234         long userGroupId = ParamUtil.getLong(
235             actionRequest, "userGroupIdsPosValue");
236         String[] actionIds = StringUtil.split(
237             ParamUtil.getString(actionRequest, "userGroupIdActionIds"));
238 
239         PermissionServiceUtil.setGroupPermissions(
240             UserGroup.class.getName(), String.valueOf(userGroupId),
241             layout.getGroupId(), actionIds, resourceId);
242     }
243 
244     protected void updateUserPermissions(ActionRequest actionRequest)
245         throws Exception {
246 
247         ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
248             WebKeys.THEME_DISPLAY);
249 
250         long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
251         long userId = ParamUtil.getLong(actionRequest, "userIdsPosValue");
252         String[] actionIds = StringUtil.split(
253             ParamUtil.getString(actionRequest, "userIdActionIds"));
254 
255         PermissionServiceUtil.setUserPermissions(
256             userId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
257     }
258 
259 }