1
22
23 package com.liferay.portlet.portletconfiguration.action;
24
25 import com.liferay.portal.kernel.servlet.SessionErrors;
26 import com.liferay.portal.kernel.servlet.SessionMessages;
27 import com.liferay.portal.kernel.util.Constants;
28 import com.liferay.portal.kernel.util.ParamUtil;
29 import com.liferay.portal.kernel.util.StringUtil;
30 import com.liferay.portal.kernel.util.Validator;
31 import com.liferay.portal.model.Layout;
32 import com.liferay.portal.model.Organization;
33 import com.liferay.portal.model.Portlet;
34 import com.liferay.portal.model.PortletConstants;
35 import com.liferay.portal.model.Resource;
36 import com.liferay.portal.model.UserGroup;
37 import com.liferay.portal.security.auth.PrincipalException;
38 import com.liferay.portal.service.PermissionServiceUtil;
39 import com.liferay.portal.service.PortletLocalServiceUtil;
40 import com.liferay.portal.service.ResourceLocalServiceUtil;
41 import com.liferay.portal.service.ResourcePermissionServiceUtil;
42 import com.liferay.portal.servlet.filters.cache.CacheUtil;
43 import com.liferay.portal.theme.ThemeDisplay;
44 import com.liferay.portal.util.PropsValues;
45 import com.liferay.portal.util.WebKeys;
46
47 import java.util.ArrayList;
48 import java.util.Enumeration;
49 import java.util.List;
50
51 import javax.portlet.ActionRequest;
52 import javax.portlet.ActionResponse;
53 import javax.portlet.PortletConfig;
54 import javax.portlet.RenderRequest;
55 import javax.portlet.RenderResponse;
56
57 import org.apache.struts.action.ActionForm;
58 import org.apache.struts.action.ActionForward;
59 import org.apache.struts.action.ActionMapping;
60
61
66 public class EditPermissionsAction extends EditConfigurationAction {
67
68 public void processAction(
69 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
70 ActionRequest actionRequest, ActionResponse actionResponse)
71 throws Exception {
72
73 String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
74
75 try {
76 if (cmd.equals("group_permissions")) {
77 updateGroupPermissions(actionRequest);
78 }
79 else if (cmd.equals("guest_permissions")) {
80 updateGuestPermissions(actionRequest);
81 }
82 else if (cmd.equals("organization_permissions")) {
83 updateOrganizationPermissions(actionRequest);
84 }
85 else if (cmd.equals("role_permissions")) {
86 updateRolePermissions(actionRequest);
87 }
88 else if (cmd.equals("user_group_permissions")) {
89 updateUserGroupPermissions(actionRequest);
90 }
91 else if (cmd.equals("user_permissions")) {
92 updateUserPermissions(actionRequest);
93 }
94
95 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 5) {
96 String redirect = ParamUtil.getString(
97 actionRequest, "permissionsRedirect");
98
99 sendRedirect(actionRequest, actionResponse, redirect);
100 }
101 else {
102 SessionMessages.add(actionRequest, "request_processed");
103 }
104 }
105 catch (Exception e) {
106 if (e instanceof PrincipalException) {
107 SessionErrors.add(actionRequest, e.getClass().getName());
108
109 setForward(
110 actionRequest, "portlet.portlet_configuration.error");
111 }
112 else {
113 throw e;
114 }
115 }
116 }
117
118 public ActionForward render(
119 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
120 RenderRequest renderRequest, RenderResponse renderResponse)
121 throws Exception {
122
123 ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
124 WebKeys.THEME_DISPLAY);
125
126 long groupId = themeDisplay.getScopeGroupId();
127
128 String portletResource = ParamUtil.getString(
129 renderRequest, "portletResource");
130 String modelResource = ParamUtil.getString(
131 renderRequest, "modelResource");
132 String resourcePrimKey = ParamUtil.getString(
133 renderRequest, "resourcePrimKey");
134
135 String selResource = portletResource;
136
137 if (Validator.isNotNull(modelResource)) {
138 selResource = modelResource;
139 }
140
141 try {
142 PermissionServiceUtil.checkPermission(
143 groupId, selResource, resourcePrimKey);
144 }
145 catch (PrincipalException pe) {
146 SessionErrors.add(
147 renderRequest, PrincipalException.class.getName());
148
149 setForward(renderRequest, "portlet.portlet_configuration.error");
150 }
151
152 Portlet portlet = PortletLocalServiceUtil.getPortletById(
153 themeDisplay.getCompanyId(), portletResource);
154
155 if (portlet != null) {
156 renderResponse.setTitle(getTitle(portlet, renderRequest));
157 }
158
159 return mapping.findForward(getForward(
160 renderRequest, "portlet.portlet_configuration.edit_permissions"));
161 }
162
163 protected String[] getActionIds(ActionRequest actionRequest, long roleId) {
164 List<String> actionIds = new ArrayList<String>();
165
166 Enumeration<String> enu = actionRequest.getParameterNames();
167
168 while (enu.hasMoreElements()) {
169 String name = enu.nextElement();
170
171 if (name.startsWith(roleId + "_ACTION_")) {
172 int pos = name.indexOf("_ACTION_");
173
174 String actionId = name.substring(pos + 8);
175
176 actionIds.add(actionId);
177 }
178 }
179
180 return actionIds.toArray(new String[actionIds.size()]);
181 }
182
183 protected void updateGroupPermissions(ActionRequest actionRequest)
184 throws Exception {
185
186 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
187
188 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
189 long groupId = ParamUtil.getLong(actionRequest, "groupId");
190 String[] actionIds = StringUtil.split(
191 ParamUtil.getString(actionRequest, "groupIdActionIds"));
192
193 PermissionServiceUtil.setGroupPermissions(
194 groupId, actionIds, resourceId);
195
196 if (!layout.isPrivateLayout()) {
197 Resource resource =
198 ResourceLocalServiceUtil.getResource(resourceId);
199
200 if (resource.getPrimKey().startsWith(
201 layout.getPlid() + PortletConstants.LAYOUT_SEPARATOR)) {
202
203 CacheUtil.clearCache(layout.getCompanyId());
204 }
205 }
206 }
207
208 protected void updateGuestPermissions(ActionRequest actionRequest)
209 throws Exception {
210
211 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
212 WebKeys.THEME_DISPLAY);
213
214 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
215 String[] actionIds = StringUtil.split(
216 ParamUtil.getString(actionRequest, "guestActionIds"));
217
218 PermissionServiceUtil.setUserPermissions(
219 themeDisplay.getDefaultUserId(), themeDisplay.getScopeGroupId(),
220 actionIds, resourceId);
221 }
222
223 protected void updateOrganizationPermissions(ActionRequest actionRequest)
224 throws Exception {
225
226 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
227 WebKeys.THEME_DISPLAY);
228
229 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
230 long organizationId = ParamUtil.getLong(
231 actionRequest, "organizationIdsPosValue");
232 String[] actionIds = StringUtil.split(
233 ParamUtil.getString(actionRequest, "organizationIdActionIds"));
234
237 PermissionServiceUtil.setGroupPermissions(
239 Organization.class.getName(), String.valueOf(organizationId),
240 themeDisplay.getScopeGroupId(), actionIds, resourceId);
241
246 }
247
248 protected void updateRolePermissions(ActionRequest actionRequest)
249 throws Exception {
250
251 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
252 updateRolePermissions_5(actionRequest);
253 }
254 else if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
255 updateRolePermissions_6(actionRequest);
256 }
257 else {
258 updateRolePermissions_1to4(actionRequest);
259 }
260 }
261
262 protected void updateRolePermissions_1to4(ActionRequest actionRequest)
263 throws Exception {
264
265 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
266 WebKeys.THEME_DISPLAY);
267
268 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
269 long roleId = ParamUtil.getLong(actionRequest, "roleIdsPosValue");
270 String[] actionIds = StringUtil.split(
271 ParamUtil.getString(actionRequest, "roleIdActionIds"));
272
273 PermissionServiceUtil.setRolePermissions(
274 roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
275 }
276
277 protected void updateRolePermissions_5(ActionRequest actionRequest)
278 throws Exception {
279
280 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
281 WebKeys.THEME_DISPLAY);
282
283 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
284 long[] roleIds = StringUtil.split(
285 ParamUtil.getString(
286 actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
287
288 for (long roleId : roleIds) {
289 String[] actionIds = getActionIds(actionRequest, roleId);
290
291 PermissionServiceUtil.setRolePermissions(
292 roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
293 }
294 }
295
296 protected void updateRolePermissions_6(ActionRequest actionRequest)
297 throws Exception {
298
299 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
300 WebKeys.THEME_DISPLAY);
301
302 String portletResource = ParamUtil.getString(
303 actionRequest, "portletResource");
304 String modelResource = ParamUtil.getString(
305 actionRequest, "modelResource");
306 long[] roleIds = StringUtil.split(
307 ParamUtil.getString(
308 actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
309
310 String selResource = portletResource;
311
312 if (Validator.isNotNull(modelResource)) {
313 selResource = modelResource;
314 }
315
316 String resourcePrimKey = ParamUtil.getString(
317 actionRequest, "resourcePrimKey");
318
319 for (long roleId : roleIds) {
320 String[] actionIds = getActionIds(actionRequest, roleId);
321
322 ResourcePermissionServiceUtil.setIndividualResourcePermissions(
323 themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(),
324 selResource, resourcePrimKey, roleId, actionIds);
325 }
326 }
327
328 protected void updateUserGroupPermissions(ActionRequest actionRequest)
329 throws Exception {
330
331 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
332 WebKeys.THEME_DISPLAY);
333
334 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
335 long userGroupId = ParamUtil.getLong(
336 actionRequest, "userGroupIdsPosValue");
337 String[] actionIds = StringUtil.split(
338 ParamUtil.getString(actionRequest, "userGroupIdActionIds"));
339
340 PermissionServiceUtil.setGroupPermissions(
341 UserGroup.class.getName(), String.valueOf(userGroupId),
342 themeDisplay.getScopeGroupId(), actionIds, resourceId);
343 }
344
345 protected void updateUserPermissions(ActionRequest actionRequest)
346 throws Exception {
347
348 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
349 WebKeys.THEME_DISPLAY);
350
351 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
352 long userId = ParamUtil.getLong(actionRequest, "userIdsPosValue");
353 String[] actionIds = StringUtil.split(
354 ParamUtil.getString(actionRequest, "userIdActionIds"));
355
356 PermissionServiceUtil.setUserPermissions(
357 userId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
358 }
359
360 }