1
22
23 package com.liferay.portal.service.impl;
24
25 import com.liferay.portal.PortalException;
26 import com.liferay.portal.SystemException;
27 import com.liferay.portal.kernel.util.GetterUtil;
28 import com.liferay.portal.model.Group;
29 import com.liferay.portal.model.Layout;
30 import com.liferay.portal.model.PortletConstants;
31 import com.liferay.portal.model.Resource;
32 import com.liferay.portal.model.Role;
33 import com.liferay.portal.model.User;
34 import com.liferay.portal.security.auth.PrincipalException;
35 import com.liferay.portal.security.permission.ActionKeys;
36 import com.liferay.portal.security.permission.PermissionChecker;
37 import com.liferay.portal.security.permission.PermissionCheckerBag;
38 import com.liferay.portal.service.base.PermissionServiceBaseImpl;
39 import com.liferay.portal.service.permission.GroupPermissionUtil;
40 import com.liferay.portal.service.permission.PortletPermissionUtil;
41 import com.liferay.portal.service.permission.UserPermissionUtil;
42 import com.liferay.portlet.blogs.model.BlogsEntry;
43 import com.liferay.portlet.blogs.service.permission.BlogsEntryPermission;
44 import com.liferay.portlet.bookmarks.model.BookmarksFolder;
45 import com.liferay.portlet.bookmarks.service.permission.BookmarksFolderPermission;
46 import com.liferay.portlet.calendar.model.CalEvent;
47 import com.liferay.portlet.calendar.service.permission.CalEventPermission;
48 import com.liferay.portlet.documentlibrary.model.DLFolder;
49 import com.liferay.portlet.documentlibrary.service.permission.DLFolderPermission;
50 import com.liferay.portlet.imagegallery.model.IGFolder;
51 import com.liferay.portlet.imagegallery.service.permission.IGFolderPermission;
52 import com.liferay.portlet.journal.model.JournalArticle;
53 import com.liferay.portlet.journal.model.JournalFeed;
54 import com.liferay.portlet.journal.model.JournalStructure;
55 import com.liferay.portlet.journal.model.JournalTemplate;
56 import com.liferay.portlet.journal.service.permission.JournalArticlePermission;
57 import com.liferay.portlet.journal.service.permission.JournalFeedPermission;
58 import com.liferay.portlet.journal.service.permission.JournalStructurePermission;
59 import com.liferay.portlet.journal.service.permission.JournalTemplatePermission;
60 import com.liferay.portlet.messageboards.model.MBCategory;
61 import com.liferay.portlet.messageboards.service.permission.MBCategoryPermission;
62 import com.liferay.portlet.polls.model.PollsQuestion;
63 import com.liferay.portlet.polls.service.permission.PollsQuestionPermission;
64 import com.liferay.portlet.shopping.model.ShoppingCategory;
65 import com.liferay.portlet.shopping.model.ShoppingItem;
66 import com.liferay.portlet.shopping.service.permission.ShoppingCategoryPermission;
67 import com.liferay.portlet.shopping.service.permission.ShoppingItemPermission;
68 import com.liferay.portlet.softwarecatalog.model.SCFrameworkVersion;
69 import com.liferay.portlet.softwarecatalog.model.SCProductEntry;
70 import com.liferay.portlet.softwarecatalog.service.permission.SCFrameworkVersionPermission;
71 import com.liferay.portlet.softwarecatalog.service.permission.SCProductEntryPermission;
72 import com.liferay.portlet.wiki.model.WikiNode;
73 import com.liferay.portlet.wiki.service.permission.WikiNodePermission;
74
75 import java.util.List;
76
77
83 public class PermissionServiceImpl extends PermissionServiceBaseImpl {
84
85 public void checkPermission(long groupId, long resourceId)
86 throws PortalException, SystemException {
87
88 checkPermission(getPermissionChecker(), groupId, resourceId);
89 }
90
91 public void checkPermission(long groupId, String name, long primKey)
92 throws PortalException, SystemException {
93
94 checkPermission(getPermissionChecker(), groupId, name, primKey);
95 }
96
97 public void checkPermission(long groupId, String name, String primKey)
98 throws PortalException, SystemException {
99
100 checkPermission(getPermissionChecker(), groupId, name, primKey);
101 }
102
103 public boolean hasGroupPermission(
104 long groupId, String actionId, long resourceId)
105 throws SystemException {
106
107 return permissionLocalService.hasGroupPermission(
108 groupId, actionId, resourceId);
109 }
110
111 public boolean hasUserPermission(
112 long userId, String actionId, long resourceId)
113 throws SystemException {
114
115 return permissionLocalService.hasUserPermission(
116 userId, actionId, resourceId);
117 }
118
119 public boolean hasUserPermissions(
120 long userId, long groupId, List<Resource> resources,
121 String actionId, PermissionCheckerBag permissionCheckerBag)
122 throws PortalException, SystemException {
123
124 return permissionLocalService.hasUserPermissions(
125 userId, groupId, resources, actionId, permissionCheckerBag);
126 }
127
128 public void setGroupPermissions(
129 long groupId, String[] actionIds, long resourceId)
130 throws PortalException, SystemException {
131
132 checkPermission(getPermissionChecker(), groupId, resourceId);
133
134 permissionLocalService.setGroupPermissions(
135 groupId, actionIds, resourceId);
136 }
137
138 public void setGroupPermissions(
139 String className, String classPK, long groupId,
140 String[] actionIds, long resourceId)
141 throws PortalException, SystemException {
142
143 checkPermission(getPermissionChecker(), groupId, resourceId);
144
145 permissionLocalService.setGroupPermissions(
146 className, classPK, groupId, actionIds, resourceId);
147 }
148
149 public void setOrgGroupPermissions(
150 long organizationId, long groupId, String[] actionIds,
151 long resourceId)
152 throws PortalException, SystemException {
153
154 checkPermission(getPermissionChecker(), groupId, resourceId);
155
156 permissionLocalService.setOrgGroupPermissions(
157 organizationId, groupId, actionIds, resourceId);
158 }
159
160 public void setRolePermission(
161 long roleId, long groupId, String name, int scope, String primKey,
162 String actionId)
163 throws PortalException, SystemException {
164
165 checkPermission(
166 getPermissionChecker(), groupId, Role.class.getName(), roleId);
167
168 permissionLocalService.setRolePermission(
169 roleId, getUser().getCompanyId(), name, scope, primKey, actionId);
170 }
171
172 public void setRolePermissions(
173 long roleId, long groupId, String[] actionIds, long resourceId)
174 throws PortalException, SystemException {
175
176 checkPermission(getPermissionChecker(), groupId, resourceId);
177
178 permissionLocalService.setRolePermissions(
179 roleId, actionIds, resourceId);
180 }
181
182 public void setUserPermissions(
183 long userId, long groupId, String[] actionIds, long resourceId)
184 throws PortalException, SystemException {
185
186 checkPermission(getPermissionChecker(), groupId, resourceId);
187
188 permissionLocalService.setUserPermissions(
189 userId, actionIds, resourceId);
190 }
191
192 public void unsetRolePermission(
193 long roleId, long groupId, long permissionId)
194 throws SystemException, PortalException {
195
196 checkPermission(
197 getPermissionChecker(), groupId, Role.class.getName(), roleId);
198
199 permissionLocalService.unsetRolePermission(roleId, permissionId);
200 }
201
202 public void unsetRolePermission(
203 long roleId, long groupId, String name, int scope, String primKey,
204 String actionId)
205 throws PortalException, SystemException {
206
207 checkPermission(
208 getPermissionChecker(), groupId, Role.class.getName(), roleId);
209
210 permissionLocalService.unsetRolePermission(
211 roleId, getUser().getCompanyId(), name, scope, primKey, actionId);
212 }
213
214 public void unsetRolePermissions(
215 long roleId, long groupId, String name, int scope, String actionId)
216 throws PortalException, SystemException {
217
218 checkPermission(
219 getPermissionChecker(), groupId, Role.class.getName(), roleId);
220
221 permissionLocalService.unsetRolePermissions(
222 roleId, getUser().getCompanyId(), name, scope, actionId);
223 }
224
225 public void unsetUserPermissions(
226 long userId, long groupId, String[] actionIds, long resourceId)
227 throws PortalException, SystemException {
228
229 checkPermission(getPermissionChecker(), groupId, resourceId);
230
231 permissionLocalService.unsetUserPermissions(
232 userId, actionIds, resourceId);
233 }
234
235 protected void checkPermission(
236 PermissionChecker permissionChecker, long groupId,
237 long resourceId)
238 throws PortalException, SystemException {
239
240 Resource resource = resourcePersistence.findByPrimaryKey(resourceId);
241
242 checkPermission(
243 permissionChecker, groupId, resource.getName(),
244 resource.getPrimKey().toString());
245 }
246
247 protected void checkPermission(
248 PermissionChecker permissionChecker, long groupId, String name,
249 long primKey)
250 throws PortalException, SystemException {
251
252 checkPermission(
253 permissionChecker, groupId, name, String.valueOf(primKey));
254 }
255
256 protected void checkPermission(
257 PermissionChecker permissionChecker, long groupId, String name,
258 String primKey)
259 throws PortalException, SystemException {
260
261 if (name.equals(BlogsEntry.class.getName())) {
262 BlogsEntryPermission.check(
263 permissionChecker, GetterUtil.getLong(primKey),
264 ActionKeys.PERMISSIONS);
265 }
266 else if (name.equals(BookmarksFolder.class.getName())) {
267 BookmarksFolderPermission.check(
268 permissionChecker, GetterUtil.getLong(primKey),
269 ActionKeys.PERMISSIONS);
270 }
271 else if (name.equals(CalEvent.class.getName())) {
272 CalEventPermission.check(
273 permissionChecker, GetterUtil.getLong(primKey),
274 ActionKeys.PERMISSIONS);
275 }
276 else if (name.equals(DLFolder.class.getName())) {
277 DLFolderPermission.check(
278 permissionChecker, GetterUtil.getLong(primKey),
279 ActionKeys.PERMISSIONS);
280 }
281 else if (name.equals(Group.class.getName())) {
282 GroupPermissionUtil.check(
283 permissionChecker, GetterUtil.getLong(primKey),
284 ActionKeys.PERMISSIONS);
285 }
286 else if (name.equals(IGFolder.class.getName())) {
287 IGFolderPermission.check(
288 permissionChecker, GetterUtil.getLong(primKey),
289 ActionKeys.PERMISSIONS);
290 }
291 else if (name.equals(JournalArticle.class.getName())) {
292 JournalArticlePermission.check(
293 permissionChecker, GetterUtil.getLong(primKey),
294 ActionKeys.PERMISSIONS);
295 }
296 else if (name.equals(JournalFeed.class.getName())) {
297 JournalFeedPermission.check(
298 permissionChecker, GetterUtil.getLong(primKey),
299 ActionKeys.PERMISSIONS);
300 }
301 else if (name.equals(JournalStructure.class.getName())) {
302 JournalStructurePermission.check(
303 permissionChecker, GetterUtil.getLong(primKey),
304 ActionKeys.PERMISSIONS);
305 }
306 else if (name.equals(JournalTemplate.class.getName())) {
307 JournalTemplatePermission.check(
308 permissionChecker, GetterUtil.getLong(primKey),
309 ActionKeys.PERMISSIONS);
310 }
311 else if (name.equals(Layout.class.getName())) {
312 long plid = GetterUtil.getLong(primKey);
313
314 Layout layout = layoutPersistence.findByPrimaryKey(plid);
315
316 GroupPermissionUtil.check(
317 permissionChecker, layout.getGroupId(),
318 ActionKeys.MANAGE_LAYOUTS);
319 }
320 else if (name.equals(MBCategory.class.getName())) {
321 MBCategoryPermission.check(
322 permissionChecker, GetterUtil.getLong(primKey),
323 ActionKeys.PERMISSIONS);
324 }
325 else if (name.equals(PollsQuestion.class.getName())) {
326 PollsQuestionPermission.check(
327 permissionChecker, GetterUtil.getLong(primKey),
328 ActionKeys.PERMISSIONS);
329 }
330 else if (name.equals(SCFrameworkVersion.class.getName())) {
331 SCFrameworkVersionPermission.check(
332 permissionChecker, GetterUtil.getLong(primKey),
333 ActionKeys.PERMISSIONS);
334 }
335 else if (name.equals(SCProductEntry.class.getName())) {
336 SCProductEntryPermission.check(
337 permissionChecker, GetterUtil.getLong(primKey),
338 ActionKeys.PERMISSIONS);
339 }
340 else if (name.equals(ShoppingCategory.class.getName())) {
341 ShoppingCategoryPermission.check(
342 permissionChecker, GetterUtil.getLong(primKey),
343 ActionKeys.PERMISSIONS);
344 }
345 else if (name.equals(ShoppingItem.class.getName())) {
346 ShoppingItemPermission.check(
347 permissionChecker, GetterUtil.getLong(primKey),
348 ActionKeys.PERMISSIONS);
349 }
350 else if (name.equals(User.class.getName())) {
351 long userId = GetterUtil.getLong(primKey);
352
353 User user = userPersistence.findByPrimaryKey(userId);
354
355 UserPermissionUtil.check(
356 permissionChecker, userId, user.getOrganizationIds(),
357 ActionKeys.PERMISSIONS);
358 }
359 else if (name.equals(WikiNode.class.getName())) {
360 WikiNodePermission.check(
361 permissionChecker, GetterUtil.getLong(primKey),
362 ActionKeys.PERMISSIONS);
363 }
364 else if ((primKey != null) &&
365 (primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR) != -1)) {
366
367 int pos = primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR);
368
369 long plid = GetterUtil.getLong(primKey.substring(0, pos));
370
371 String portletId = primKey.substring(
372 pos + PortletConstants.LAYOUT_SEPARATOR.length(),
373 primKey.length());
374
375 PortletPermissionUtil.check(
376 permissionChecker, plid, portletId, ActionKeys.CONFIGURATION);
377 }
378 else if (!permissionChecker.hasPermission(
379 groupId, name, primKey, ActionKeys.PERMISSIONS) &&
380 !permissionChecker.hasPermission(
381 groupId, name, primKey, ActionKeys.DEFINE_PERMISSIONS)) {
382
383 throw new PrincipalException();
384 }
385 }
386
387 }