1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    *
5    *
6    *
7    * The contents of this file are subject to the terms of the Liferay Enterprise
8    * Subscription License ("License"). You may not use this file except in
9    * compliance with the License. You can obtain a copy of the License by
10   * contacting Liferay, Inc. See the License for the specific language governing
11   * permissions and limitations under the License, including but not limited to
12   * distribution rights of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portlet.iframe.util;
24  
25  import com.liferay.portal.PortalException;
26  import com.liferay.portal.SystemException;
27  import com.liferay.portal.kernel.log.Log;
28  import com.liferay.portal.kernel.log.LogFactoryUtil;
29  import com.liferay.portal.kernel.util.StringPool;
30  import com.liferay.portal.kernel.util.Validator;
31  import com.liferay.portal.model.Layout;
32  import com.liferay.portal.model.Role;
33  import com.liferay.portal.model.User;
34  import com.liferay.portal.service.RoleLocalServiceUtil;
35  import com.liferay.portal.service.UserLocalServiceUtil;
36  import com.liferay.portal.theme.ThemeDisplay;
37  import com.liferay.portal.util.PortalUtil;
38  import com.liferay.portal.util.PropsValues;
39  import com.liferay.portal.util.WebKeys;
40  
41  import javax.portlet.PortletRequest;
42  
43  /**
44   * <a href="IFrameUtil.java.html"><b><i>View Source</i></b></a>
45   *
46   * @author Amos Fong
47   */
48  public class IFrameUtil {
49  
50      public static String getPassword(
51          PortletRequest portletRequest, String password) {
52  
53          if (!isPasswordTokenEnabled(portletRequest)) {
54              return StringPool.BLANK;
55          }
56  
57          if (Validator.isNull(password) || password.equals("@password@")) {
58              password = PortalUtil.getUserPassword(portletRequest);
59          }
60  
61          return password;
62      }
63  
64      public static String getUserName(
65              PortletRequest portletRequest, String userName)
66          throws PortalException, SystemException {
67  
68          User user = PortalUtil.getUser(portletRequest);
69  
70          if (user == null) {
71              return userName;
72          }
73  
74          if (Validator.isNull(userName) || userName.equals("@user_id@")) {
75              userName = portletRequest.getRemoteUser();
76          }
77          else if (userName.equals("@email_address@")) {
78              userName = user.getEmailAddress();
79          }
80          else if (userName.equals("@screen_name@")) {
81              userName = user.getScreenName();
82          }
83  
84          return userName;
85      }
86  
87      public static boolean isPasswordTokenEnabled(
88          PortletRequest portletRequest) {
89  
90          ThemeDisplay themeDisplay = (ThemeDisplay)portletRequest.getAttribute(
91              WebKeys.THEME_DISPLAY);
92  
93          Layout layout = themeDisplay.getLayout();
94  
95          String roleName = PropsValues.IFRAME_PASSWORD_PASSWORD_TOKEN_ROLE;
96  
97          if (Validator.isNull(roleName)) {
98              return true;
99          }
100 
101         if (layout.isPrivateLayout() && layout.getGroup().isUser()) {
102             return true;
103         }
104 
105         try {
106             Role role = RoleLocalServiceUtil.getRole(
107                 themeDisplay.getCompanyId(), roleName);
108 
109             if (UserLocalServiceUtil.hasRoleUser(
110                     role.getRoleId(), themeDisplay.getUserId())) {
111 
112                 return true;
113             }
114         }
115         catch (Exception e) {
116             if (_log.isWarnEnabled()) {
117                 _log.warn(
118                     "Error getting role " + roleName + ". The password token " +
119                         "will be disabled.");
120             }
121         }
122 
123         return false;
124     }
125 
126     private static Log _log = LogFactoryUtil.getLog(IFrameUtil.class);
127 
128 }