1
22
23 package com.liferay.portal.service.permission;
24
25 import com.liferay.portal.PortalException;
26 import com.liferay.portal.SystemException;
27 import com.liferay.portal.kernel.log.Log;
28 import com.liferay.portal.kernel.log.LogFactoryUtil;
29 import com.liferay.portal.model.Group;
30 import com.liferay.portal.model.Layout;
31 import com.liferay.portal.model.Portlet;
32 import com.liferay.portal.model.PortletConstants;
33 import com.liferay.portal.security.auth.PrincipalException;
34 import com.liferay.portal.security.permission.ActionKeys;
35 import com.liferay.portal.security.permission.PermissionChecker;
36 import com.liferay.portal.security.permission.ResourceActionsUtil;
37 import com.liferay.portal.service.GroupLocalServiceUtil;
38 import com.liferay.portal.service.LayoutLocalServiceUtil;
39 import com.liferay.portal.util.PropsValues;
40
41 import java.util.List;
42
43
49 public class PortletPermissionImpl implements PortletPermission {
50
51 public static final boolean DEFAULT_STRICT = false;
52
53 public void check(
54 PermissionChecker permissionChecker, String portletId,
55 String actionId)
56 throws PortalException, SystemException {
57
58 if (!contains(permissionChecker, portletId, actionId)) {
59 throw new PrincipalException();
60 }
61 }
62
63 public void check(
64 PermissionChecker permissionChecker, long plid, String portletId,
65 String actionId)
66 throws PortalException, SystemException {
67
68 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
69 }
70
71 public void check(
72 PermissionChecker permissionChecker, long plid, String portletId,
73 String actionId, boolean strict)
74 throws PortalException, SystemException {
75
76 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
77 throw new PrincipalException();
78 }
79 }
80
81 public boolean contains(
82 PermissionChecker permissionChecker, String portletId,
83 String actionId)
84 throws PortalException, SystemException {
85
86 return contains(permissionChecker, 0, portletId, actionId);
87 }
88
89 public boolean contains(
90 PermissionChecker permissionChecker, long plid, String portletId,
91 String actionId)
92 throws PortalException, SystemException {
93
94 return contains(
95 permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
96 }
97
98 public boolean contains(
99 PermissionChecker permissionChecker, long plid, String portletId,
100 String actionId, boolean strict)
101 throws PortalException, SystemException {
102
103 long groupId = 0;
104 String name = null;
105 String primKey = null;
106
107 if (plid > 0) {
108 Layout layout = LayoutLocalServiceUtil.getLayout(plid);
109
110 groupId = layout.getGroupId();
111 name = PortletConstants.getRootPortletId(portletId);
112 primKey = getPrimaryKey(plid, portletId);
113
114 if ((layout.isPrivateLayout() &&
115 !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
116 (layout.isPublicLayout() &&
117 !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
118
119 if (actionId.equals(ActionKeys.CONFIGURATION)) {
120 Group group = GroupLocalServiceUtil.getGroup(
121 layout.getGroupId());
122
123 if (group.isUser()) {
124 return false;
125 }
126 }
127 }
128
129 if (!strict) {
130 if (LayoutPermissionUtil.contains(
131 permissionChecker, groupId, layout.isPrivateLayout(),
132 layout.getLayoutId(), ActionKeys.UPDATE) &&
133 hasLayoutManagerPermission(portletId, actionId)) {
134
135 return true;
136 }
137 }
138 }
139 else {
140 name = portletId;
141 primKey = portletId;
142 }
143
144 return permissionChecker.hasPermission(
145 groupId, name, primKey, actionId);
146 }
147
148 public boolean contains(
149 PermissionChecker permissionChecker, long plid, Portlet portlet,
150 String actionId)
151 throws PortalException, SystemException {
152
153 return contains(
154 permissionChecker, plid, portlet, actionId, DEFAULT_STRICT);
155 }
156
157 public boolean contains(
158 PermissionChecker permissionChecker, long plid, Portlet portlet,
159 String actionId, boolean strict)
160 throws PortalException, SystemException {
161
162 boolean value = contains(
163 permissionChecker, plid, portlet.getPortletId(), actionId, strict);
164
165 if (value) {
166 return true;
167 }
168 else {
169 if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
170 return true;
171 }
172 else {
173 return false;
174 }
175 }
176 }
177
178 public String getPrimaryKey(long plid, String portletId) {
179 StringBuilder sb = new StringBuilder();
180
181 sb.append(plid);
182 sb.append(PortletConstants.LAYOUT_SEPARATOR);
183 sb.append(portletId);
184
185 return sb.toString();
186 }
187
188 public boolean hasLayoutManagerPermission(
189 String portletId, String actionId) {
190
191 try {
192 return hasLayoutManagerPermissionImpl(portletId, actionId);
193 }
194 catch (Exception e) {
195 _log.error(e, e);
196
197 return false;
198 }
199 }
200
201 protected boolean hasLayoutManagerPermissionImpl(
202 String portletId, String actionId) {
203
204 portletId = PortletConstants.getRootPortletId(portletId);
205
206 List<String> layoutManagerActions =
207 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
208 portletId);
209
210 return layoutManagerActions.contains(actionId);
211 }
212
213 private static Log _log =
214 LogFactoryUtil.getLog(PortletPermissionImpl.class);
215
216 }