1
19
20 package com.liferay.portal.service.impl;
21
22 import com.liferay.portal.PortalException;
23 import com.liferay.portal.SystemException;
24 import com.liferay.portal.kernel.util.GetterUtil;
25 import com.liferay.portal.model.Group;
26 import com.liferay.portal.model.Layout;
27 import com.liferay.portal.model.PortletConstants;
28 import com.liferay.portal.model.Resource;
29 import com.liferay.portal.model.Role;
30 import com.liferay.portal.model.User;
31 import com.liferay.portal.security.auth.PrincipalException;
32 import com.liferay.portal.security.permission.ActionKeys;
33 import com.liferay.portal.security.permission.PermissionChecker;
34 import com.liferay.portal.security.permission.PermissionCheckerBag;
35 import com.liferay.portal.service.base.PermissionServiceBaseImpl;
36 import com.liferay.portal.service.permission.GroupPermissionUtil;
37 import com.liferay.portal.service.permission.PortletPermissionUtil;
38 import com.liferay.portal.service.permission.UserPermissionUtil;
39
40
46 public class PermissionServiceImpl extends PermissionServiceBaseImpl {
47
48 public void checkPermission(long groupId, String name, String primKey)
49 throws PortalException, SystemException {
50
51 checkPermission(getPermissionChecker(), groupId, name, primKey);
52 }
53
54 public boolean hasGroupPermission(
55 long groupId, String actionId, long resourceId)
56 throws SystemException {
57
58 return permissionLocalService.hasGroupPermission(
59 groupId, actionId, resourceId);
60 }
61
62 public boolean hasUserPermission(
63 long userId, String actionId, long resourceId)
64 throws SystemException {
65
66 return permissionLocalService.hasUserPermission(
67 userId, actionId, resourceId);
68 }
69
70 public boolean hasUserPermissions(
71 long userId, long groupId, String actionId, long[] resourceIds,
72 PermissionCheckerBag permissionCheckerBag)
73 throws SystemException {
74
75 return permissionLocalService.hasUserPermissions(
76 userId, groupId, actionId, resourceIds, permissionCheckerBag);
77 }
78
79 public void setGroupPermissions(
80 long groupId, String[] actionIds, long resourceId)
81 throws PortalException, SystemException {
82
83 checkPermission(getPermissionChecker(), groupId, resourceId);
84
85 permissionLocalService.setGroupPermissions(
86 groupId, actionIds, resourceId);
87 }
88
89 public void setGroupPermissions(
90 String className, String classPK, long groupId,
91 String[] actionIds, long resourceId)
92 throws PortalException, SystemException {
93
94 checkPermission(getPermissionChecker(), groupId, resourceId);
95
96 permissionLocalService.setGroupPermissions(
97 className, classPK, groupId, actionIds, resourceId);
98 }
99
100 public void setOrgGroupPermissions(
101 long organizationId, long groupId, String[] actionIds,
102 long resourceId)
103 throws PortalException, SystemException {
104
105 checkPermission(getPermissionChecker(), groupId, resourceId);
106
107 permissionLocalService.setOrgGroupPermissions(
108 organizationId, groupId, actionIds, resourceId);
109 }
110
111 public void setRolePermission(
112 long roleId, long groupId, String name, int scope, String primKey,
113 String actionId)
114 throws PortalException, SystemException {
115
116 checkPermission(
117 getPermissionChecker(), groupId, Role.class.getName(), roleId);
118
119 permissionLocalService.setRolePermission(
120 roleId, getUser().getCompanyId(), name, scope, primKey, actionId);
121 }
122
123 public void setRolePermissions(
124 long roleId, long groupId, String[] actionIds, long resourceId)
125 throws PortalException, SystemException {
126
127 checkPermission(getPermissionChecker(), groupId, resourceId);
128
129 permissionLocalService.setRolePermissions(
130 roleId, actionIds, resourceId);
131 }
132
133 public void setUserPermissions(
134 long userId, long groupId, String[] actionIds, long resourceId)
135 throws PortalException, SystemException {
136
137 checkPermission(getPermissionChecker(), groupId, resourceId);
138
139 permissionLocalService.setUserPermissions(
140 userId, actionIds, resourceId);
141 }
142
143 public void unsetRolePermission(
144 long roleId, long groupId, long permissionId)
145 throws SystemException, PortalException {
146
147 checkPermission(
148 getPermissionChecker(), groupId, Role.class.getName(), roleId);
149
150 permissionLocalService.unsetRolePermission(roleId, permissionId);
151 }
152
153 public void unsetRolePermission(
154 long roleId, long groupId, String name, int scope, String primKey,
155 String actionId)
156 throws PortalException, SystemException {
157
158 checkPermission(
159 getPermissionChecker(), groupId, Role.class.getName(), roleId);
160
161 permissionLocalService.unsetRolePermission(
162 roleId, getUser().getCompanyId(), name, scope, primKey, actionId);
163 }
164
165 public void unsetRolePermissions(
166 long roleId, long groupId, String name, int scope, String actionId)
167 throws PortalException, SystemException {
168
169 checkPermission(
170 getPermissionChecker(), groupId, Role.class.getName(), roleId);
171
172 permissionLocalService.unsetRolePermissions(
173 roleId, getUser().getCompanyId(), name, scope, actionId);
174 }
175
176 public void unsetUserPermissions(
177 long userId, long groupId, String[] actionIds, long resourceId)
178 throws PortalException, SystemException {
179
180 checkPermission(getPermissionChecker(), groupId, resourceId);
181
182 permissionLocalService.unsetUserPermissions(
183 userId, actionIds, resourceId);
184 }
185
186 protected void checkPermission(
187 PermissionChecker permissionChecker, long groupId,
188 long resourceId)
189 throws PortalException, SystemException {
190
191 Resource resource = resourcePersistence.findByPrimaryKey(resourceId);
192
193 checkPermission(
194 permissionChecker, groupId, resource.getName(),
195 resource.getPrimKey().toString());
196 }
197
198 protected void checkPermission(
199 PermissionChecker permissionChecker, long groupId, String name,
200 long primKey)
201 throws PortalException, SystemException {
202
203 checkPermission(
204 permissionChecker, groupId, name, String.valueOf(primKey));
205 }
206
207 protected void checkPermission(
208 PermissionChecker permissionChecker, long groupId, String name,
209 String primKey)
210 throws PortalException, SystemException {
211
212 if (name.equals(Group.class.getName())) {
213 GroupPermissionUtil.check(
214 permissionChecker, GetterUtil.getLong(primKey),
215 ActionKeys.PERMISSIONS);
216 }
217 else if (name.equals(Layout.class.getName())) {
218 long plid = GetterUtil.getLong(primKey);
219
220 Layout layout = layoutPersistence.findByPrimaryKey(plid);
221
222 GroupPermissionUtil.check(
223 permissionChecker, layout.getGroupId(),
224 ActionKeys.MANAGE_LAYOUTS);
225 }
226 else if (name.equals(User.class.getName())) {
227 long userId = GetterUtil.getLong(primKey);
228
229 User user = userPersistence.findByPrimaryKey(userId);
230
231 UserPermissionUtil.check(
232 permissionChecker, userId, user.getOrganizationIds(),
233 ActionKeys.PERMISSIONS);
234 }
235 else if ((primKey != null) &&
236 (primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR) != -1)) {
237
238 int pos = primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR);
239
240 long plid = GetterUtil.getLong(primKey.substring(0, pos));
241
242 String portletId = primKey.substring(
243 pos + PortletConstants.LAYOUT_SEPARATOR.length(),
244 primKey.length());
245
246 if (!PortletPermissionUtil.contains(
247 permissionChecker, plid, portletId,
248 ActionKeys.CONFIGURATION)) {
249
250 throw new PrincipalException();
251 }
252 }
253 else if (!permissionChecker.hasPermission(
254 groupId, name, primKey, ActionKeys.PERMISSIONS) &&
255 !permissionChecker.hasPermission(
256 groupId, name, primKey, ActionKeys.DEFINE_PERMISSIONS)) {
257
258 throw new PrincipalException();
259 }
260 }
261
262 }