1
22
23 package com.liferay.portal.service.permission;
24
25 import com.liferay.portal.PortalException;
26 import com.liferay.portal.SystemException;
27 import com.liferay.portal.kernel.log.Log;
28 import com.liferay.portal.kernel.log.LogFactoryUtil;
29 import com.liferay.portal.model.Group;
30 import com.liferay.portal.model.GroupConstants;
31 import com.liferay.portal.model.Layout;
32 import com.liferay.portal.model.Portlet;
33 import com.liferay.portal.model.PortletConstants;
34 import com.liferay.portal.security.auth.PrincipalException;
35 import com.liferay.portal.security.permission.ActionKeys;
36 import com.liferay.portal.security.permission.PermissionChecker;
37 import com.liferay.portal.security.permission.ResourceActionsUtil;
38 import com.liferay.portal.service.GroupLocalServiceUtil;
39 import com.liferay.portal.service.LayoutLocalServiceUtil;
40 import com.liferay.portal.util.PropsValues;
41
42 import java.util.List;
43
44
49 public class PortletPermissionImpl implements PortletPermission {
50
51 public static final boolean DEFAULT_STRICT = false;
52
53 public void check(
54 PermissionChecker permissionChecker, String portletId,
55 String actionId)
56 throws PortalException, SystemException {
57
58 if (!contains(permissionChecker, portletId, actionId)) {
59 throw new PrincipalException();
60 }
61 }
62
63 public void check(
64 PermissionChecker permissionChecker, long plid, String portletId,
65 String actionId)
66 throws PortalException, SystemException {
67
68 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
69 }
70
71 public void check(
72 PermissionChecker permissionChecker, long plid, String portletId,
73 String actionId, boolean strict)
74 throws PortalException, SystemException {
75
76 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
77 throw new PrincipalException();
78 }
79 }
80
81 public boolean contains(
82 PermissionChecker permissionChecker, String portletId,
83 String actionId)
84 throws PortalException, SystemException {
85
86 return contains(permissionChecker, 0, portletId, actionId);
87 }
88
89 public boolean contains(
90 PermissionChecker permissionChecker, long plid, String portletId,
91 String actionId)
92 throws PortalException, SystemException {
93
94 return contains(
95 permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
96 }
97
98 public boolean contains(
99 PermissionChecker permissionChecker, long plid, String portletId,
100 String actionId, boolean strict)
101 throws PortalException, SystemException {
102
103 long groupId = 0;
104 String name = null;
105 String primKey = null;
106
107 if (plid > 0) {
108 Layout layout = LayoutLocalServiceUtil.getLayout(plid);
109
110 groupId = layout.getGroupId();
111 name = PortletConstants.getRootPortletId(portletId);
112 primKey = getPrimaryKey(plid, portletId);
113
114 if ((layout.isPrivateLayout() &&
115 !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
116 (layout.isPublicLayout() &&
117 !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
118
119 if (actionId.equals(ActionKeys.CONFIGURATION)) {
120 Group group = GroupLocalServiceUtil.getGroup(
121 layout.getGroupId());
122
123 if (group.isUser()) {
124 return false;
125 }
126 }
127 }
128
129 if (actionId.equals(ActionKeys.VIEW)) {
130 Group group = GroupLocalServiceUtil.getGroup(
131 layout.getGroupId());
132
133 if (group.getName().equals(GroupConstants.CONTROL_PANEL)) {
134 return true;
135 }
136 }
137
138 if (!strict) {
139 if (LayoutPermissionUtil.contains(
140 permissionChecker, groupId, layout.isPrivateLayout(),
141 layout.getLayoutId(), ActionKeys.UPDATE) &&
142 hasLayoutManagerPermission(portletId, actionId)) {
143
144 return true;
145 }
146 }
147 }
148 else {
149 name = portletId;
150 primKey = portletId;
151 }
152
153 return permissionChecker.hasPermission(
154 groupId, name, primKey, actionId);
155 }
156
157 public boolean contains(
158 PermissionChecker permissionChecker, long plid, Portlet portlet,
159 String actionId)
160 throws PortalException, SystemException {
161
162 return contains(
163 permissionChecker, plid, portlet, actionId, DEFAULT_STRICT);
164 }
165
166 public boolean contains(
167 PermissionChecker permissionChecker, long plid, Portlet portlet,
168 String actionId, boolean strict)
169 throws PortalException, SystemException {
170
171 if (portlet.isUndeployedPortlet()) {
172 return false;
173 }
174
175 boolean value = contains(
176 permissionChecker, plid, portlet.getPortletId(), actionId, strict);
177
178 if (value) {
179 return true;
180 }
181 else {
182 if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
183 return true;
184 }
185 else {
186 return false;
187 }
188 }
189 }
190
191 public String getPrimaryKey(long plid, String portletId) {
192 StringBuilder sb = new StringBuilder();
193
194 sb.append(plid);
195 sb.append(PortletConstants.LAYOUT_SEPARATOR);
196 sb.append(portletId);
197
198 return sb.toString();
199 }
200
201 public boolean hasLayoutManagerPermission(
202 String portletId, String actionId) {
203
204 try {
205 return hasLayoutManagerPermissionImpl(portletId, actionId);
206 }
207 catch (Exception e) {
208 _log.error(e, e);
209
210 return false;
211 }
212 }
213
214 protected boolean hasLayoutManagerPermissionImpl(
215 String portletId, String actionId) {
216
217 portletId = PortletConstants.getRootPortletId(portletId);
218
219 List<String> layoutManagerActions =
220 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
221 portletId);
222
223 return layoutManagerActions.contains(actionId);
224 }
225
226 private static Log _log =
227 LogFactoryUtil.getLog(PortletPermissionImpl.class);
228
229 }