1
22
23 package com.liferay.portal.service.impl;
24
25 import com.liferay.portal.NoSuchResourcePermissionException;
26 import com.liferay.portal.PortalException;
27 import com.liferay.portal.SystemException;
28 import com.liferay.portal.kernel.search.SearchEngineUtil;
29 import com.liferay.portal.model.ResourceAction;
30 import com.liferay.portal.model.ResourceConstants;
31 import com.liferay.portal.model.ResourcePermission;
32 import com.liferay.portal.model.ResourcePermissionConstants;
33 import com.liferay.portal.model.Role;
34 import com.liferay.portal.model.RoleConstants;
35 import com.liferay.portal.security.permission.PermissionCacheUtil;
36 import com.liferay.portal.security.permission.ResourceActionsUtil;
37 import com.liferay.portal.service.base.ResourcePermissionLocalServiceBaseImpl;
38 import com.liferay.portal.util.PortalUtil;
39
40 import java.util.ArrayList;
41 import java.util.Collections;
42 import java.util.List;
43
44
51 public class ResourcePermissionLocalServiceImpl
52 extends ResourcePermissionLocalServiceBaseImpl {
53
54 public void addResourcePermission(
55 long companyId, String name, int scope, String primKey, long roleId,
56 String actionId)
57 throws PortalException, SystemException {
58
59 if (scope == ResourceConstants.SCOPE_COMPANY) {
60
61
63 removeResourcePermissions(
64 companyId, name, ResourceConstants.SCOPE_GROUP, roleId,
65 actionId);
66 }
67 else if (scope == ResourceConstants.SCOPE_GROUP) {
68
69
71 removeResourcePermissions(
72 companyId, name, ResourceConstants.SCOPE_COMPANY, roleId,
73 actionId);
74 }
75 else if (scope == ResourceConstants.SCOPE_INDIVIDUAL) {
76 throw new NoSuchResourcePermissionException();
77 }
78
79 updateResourcePermission(
80 companyId, name, scope, primKey, roleId, new String[] {actionId},
81 ResourcePermissionConstants.OPERATOR_ADD);
82
83 PermissionCacheUtil.clearCache();
84 }
85
86 public List<String> getAvailableResourcePermissionActionIds(
87 long companyId, String name, int scope, String primKey, long roleId,
88 List<String> actionIds)
89 throws PortalException, SystemException {
90
91 ResourcePermission resourcePermission =
92 resourcePermissionPersistence.fetchByC_N_S_P_R(
93 companyId, name, scope, primKey, roleId);
94
95 if (resourcePermission == null) {
96 return Collections.EMPTY_LIST;
97 }
98
99 List<String> availableActionIds = new ArrayList<String>(
100 actionIds.size());
101
102 for (String actionId : actionIds) {
103 ResourceAction resourceAction =
104 resourceActionLocalService.getResourceAction(name, actionId);
105
106 if (hasActionId(resourcePermission, resourceAction)) {
107 availableActionIds.add(actionId);
108 }
109 }
110
111 return availableActionIds;
112 }
113
114 public int getResourcePermissionsCount(
115 long companyId, String name, int scope, String primKey)
116 throws SystemException {
117
118 return resourcePermissionPersistence.countByC_N_S_P(
119 companyId, name, scope, primKey);
120 }
121
122 public List<ResourcePermission> getRoleResourcePermissions(long roleId)
123 throws SystemException {
124
125 return resourcePermissionPersistence.findByRoleId(roleId);
126 }
127
128 public boolean hasActionId(
129 ResourcePermission resourcePermission, ResourceAction resourceAction) {
130
131 long actionIds = resourcePermission.getActionIds();
132 long bitwiseValue = resourceAction.getBitwiseValue();
133
134 if ((actionIds & bitwiseValue) == bitwiseValue) {
135 return true;
136 }
137 else {
138 return false;
139 }
140 }
141
142 public boolean hasResourcePermission(
143 long companyId, String name, int scope, String primKey, long roleId,
144 String actionId)
145 throws PortalException, SystemException {
146
147 ResourcePermission resourcePermission =
148 resourcePermissionPersistence.fetchByC_N_S_P_R(
149 companyId, name, scope, primKey, roleId);
150
151 if (resourcePermission == null) {
152 return false;
153 }
154
155 ResourceAction resourceAction =
156 resourceActionLocalService.getResourceAction(name, actionId);
157
158 if (hasActionId(resourcePermission, resourceAction)) {
159 return true;
160 }
161 else {
162 return false;
163 }
164 }
165
166 public boolean hasScopeResourcePermission(
167 long companyId, String name, int scope, long roleId,
168 String actionId)
169 throws PortalException, SystemException {
170
171 List<ResourcePermission> resourcePermissions =
172 resourcePermissionPersistence.findByC_N_S(companyId, name, scope);
173
174 for (ResourcePermission resourcePermission : resourcePermissions) {
175 if (hasResourcePermission(
176 companyId, name, scope, resourcePermission.getPrimKey(),
177 roleId, actionId)) {
178
179 return true;
180 }
181 }
182
183 return false;
184 }
185
186 public void mergePermissions(long fromRoleId, long toRoleId)
187 throws PortalException, SystemException {
188
189 Role fromRole = rolePersistence.findByPrimaryKey(fromRoleId);
190 Role toRole = rolePersistence.findByPrimaryKey(toRoleId);
191
192 if (fromRole.getType() != toRole.getType()) {
193 throw new PortalException("Role types are mismatched");
194 }
195 else if (PortalUtil.isSystemRole(toRole.getName())) {
196 throw new PortalException("Cannot move permissions to system role");
197 }
198 else if (PortalUtil.isSystemRole(fromRole.getName())) {
199 throw new PortalException(
200 "Cannot move permissions from system role");
201 }
202
203 List<ResourcePermission> resourcePermissions =
204 getRoleResourcePermissions(fromRoleId);
205
206 for (ResourcePermission resourcePermission : resourcePermissions) {
207 resourcePermission.setRoleId(toRoleId);
208
209 resourcePermissionPersistence.update(resourcePermission, false);
210 }
211
212 roleLocalService.deleteRole(fromRoleId);
213
214 PermissionCacheUtil.clearCache();
215 }
216
217 public void reassignPermissions(long resourcePermissionId, long toRoleId)
218 throws PortalException, SystemException {
219
220 ResourcePermission resourcePermission = getResourcePermission(
221 resourcePermissionId);
222
223 long companyId = resourcePermission.getCompanyId();
224 String name = resourcePermission.getName();
225 int scope = resourcePermission.getScope();
226 String primKey = resourcePermission.getPrimKey();
227 long fromRoleId = resourcePermission.getRoleId();
228
229 Role toRole = roleLocalService.getRole(toRoleId);
230
231 List<String> actionIds = null;
232
233 if (toRole.getType() == RoleConstants.TYPE_REGULAR) {
234 actionIds = ResourceActionsUtil.getModelResourceActions(name);
235 }
236 else {
237 actionIds =
238 ResourceActionsUtil.getModelResourceCommunityDefaultActions(
239 name);
240 }
241
242 setResourcePermissions(
243 companyId, name, scope, primKey, toRoleId,
244 actionIds.toArray(new String[actionIds.size()]));
245
246 resourcePermissionPersistence.remove(resourcePermissionId);
247
248 List<ResourcePermission> resourcePermissions =
249 getRoleResourcePermissions(fromRoleId);
250
251 if (resourcePermissions.isEmpty()) {
252 roleLocalService.deleteRole(fromRoleId);
253 }
254 }
255
256 public void removeResourcePermission(
257 long companyId, String name, int scope, String primKey, long roleId,
258 String actionId)
259 throws PortalException, SystemException {
260
261 updateResourcePermission(
262 companyId, name, scope, primKey, roleId, new String[] {actionId},
263 ResourcePermissionConstants.OPERATOR_REMOVE);
264
265 PermissionCacheUtil.clearCache();
266 }
267
268 public void removeResourcePermissions(
269 long companyId, String name, int scope, long roleId,
270 String actionId)
271 throws PortalException, SystemException {
272
273 List<ResourcePermission> resourcePermissions =
274 resourcePermissionPersistence.findByC_N_S(companyId, name, scope);
275
276 for (ResourcePermission resourcePermission : resourcePermissions) {
277 updateResourcePermission(
278 companyId, name, scope, resourcePermission.getPrimKey(), roleId,
279 new String[] {actionId},
280 ResourcePermissionConstants.OPERATOR_REMOVE);
281 }
282
283 PermissionCacheUtil.clearCache();
284 }
285
286 public void setResourcePermissions(
287 long companyId, String name, int scope, String primKey, long roleId,
288 String[] actionIds)
289 throws PortalException, SystemException {
290
291 updateResourcePermission(
292 companyId, name, scope, primKey, roleId, actionIds,
293 ResourcePermissionConstants.OPERATOR_SET);
294 }
295
296 protected void updateResourcePermission(
297 long companyId, String name, int scope, String primKey, long roleId,
298 String[] actionIds, int operator)
299 throws PortalException, SystemException {
300
301 ResourcePermission resourcePermission =
302 resourcePermissionPersistence.fetchByC_N_S_P_R(
303 companyId, name, scope, primKey, roleId);
304
305 if (resourcePermission == null) {
306 if (operator == ResourcePermissionConstants.OPERATOR_REMOVE) {
307 return;
308 }
309
310 long resourcePermissionId = counterLocalService.increment(
311 ResourcePermission.class.getName());
312
313 resourcePermission = resourcePermissionPersistence.create(
314 resourcePermissionId);
315
316 resourcePermission.setCompanyId(companyId);
317 resourcePermission.setName(name);
318 resourcePermission.setScope(scope);
319 resourcePermission.setPrimKey(primKey);
320 resourcePermission.setRoleId(roleId);
321 }
322
323 long actionIdsLong = resourcePermission.getActionIds();
324
325 if (operator == ResourcePermissionConstants.OPERATOR_SET) {
326 actionIdsLong = 0;
327 }
328
329 for (String actionId : actionIds) {
330 ResourceAction resourceAction =
331 resourceActionLocalService.getResourceAction(name, actionId);
332
333 if ((operator == ResourcePermissionConstants.OPERATOR_ADD) ||
334 (operator == ResourcePermissionConstants.OPERATOR_SET)) {
335
336 actionIdsLong |= resourceAction.getBitwiseValue();
337 }
338 else {
339 actionIdsLong =
340 actionIdsLong & (~resourceAction.getBitwiseValue());
341 }
342 }
343
344 resourcePermission.setActionIds(actionIdsLong);
345
346 resourcePermissionPersistence.update(resourcePermission, false);
347
348 PermissionCacheUtil.clearCache();
349
350 SearchEngineUtil.updatePermissionFields(name, primKey);
351 }
352
353 }