1   /**
2    * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.impl;
24  
25  import com.liferay.portal.NoSuchResourceException;
26  import com.liferay.portal.PortalException;
27  import com.liferay.portal.ResourceActionsException;
28  import com.liferay.portal.SystemException;
29  import com.liferay.portal.model.Group;
30  import com.liferay.portal.model.GroupConstants;
31  import com.liferay.portal.model.Permission;
32  import com.liferay.portal.model.Resource;
33  import com.liferay.portal.model.ResourceCode;
34  import com.liferay.portal.model.ResourceConstants;
35  import com.liferay.portal.model.Role;
36  import com.liferay.portal.model.RoleConstants;
37  import com.liferay.portal.security.permission.PermissionsListFilter;
38  import com.liferay.portal.security.permission.PermissionsListFilterFactory;
39  import com.liferay.portal.security.permission.ResourceActionsUtil;
40  import com.liferay.portal.service.base.ResourceLocalServiceBaseImpl;
41  import com.liferay.portal.util.PropsValues;
42  import com.liferay.portal.util.comparator.ResourceComparator;
43  
44  import java.util.List;
45  
46  import org.apache.commons.lang.time.StopWatch;
47  import org.apache.commons.logging.Log;
48  import org.apache.commons.logging.LogFactory;
49  
50  /**
51   * <a href="ResourceLocalServiceImpl.java.html"><b><i>View Source</i></b></a>
52   *
53   * @author Brian Wing Shun Chan
54   * @author Wilson S. Man
55   * @author Raymond Augé
56   *
57   */
58  public class ResourceLocalServiceImpl extends ResourceLocalServiceBaseImpl {
59  
60      public void addModelResources(
61              long companyId, long groupId, long userId, String name,
62              long primKey, String[] communityPermissions,
63              String[] guestPermissions)
64          throws PortalException, SystemException {
65  
66          addModelResources(
67              companyId, groupId, userId, name, String.valueOf(primKey),
68              communityPermissions, guestPermissions);
69      }
70  
71      public void addModelResources(
72              long companyId, long groupId, long userId, String name,
73              String primKey, String[] communityPermissions,
74              String[] guestPermissions)
75          throws PortalException, SystemException {
76  
77          validate(companyId, name, false);
78  
79          // Company
80  
81          addResource(
82              companyId, name, ResourceConstants.SCOPE_COMPANY,
83              String.valueOf(companyId));
84  
85          // Guest
86  
87          Group guestGroup = groupLocalService.getGroup(
88              companyId, GroupConstants.GUEST);
89  
90          addResource(
91              companyId, name, ResourceConstants.SCOPE_GROUP,
92              String.valueOf(guestGroup.getGroupId()));
93  
94          // Group
95  
96          if ((groupId > 0) && (guestGroup.getGroupId() != groupId)) {
97              addResource(
98                  companyId, name, ResourceConstants.SCOPE_GROUP,
99                  String.valueOf(groupId));
100         }
101 
102         if (primKey != null) {
103 
104             // Individual
105 
106             Resource resource = addResource(
107                 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
108 
109             long defaultUserId = userLocalService.getDefaultUserId(
110                 companyId);
111 
112             PermissionsListFilter permissionsListFilter =
113                 PermissionsListFilterFactory.getInstance();
114 
115             // Permissions
116 
117             List<Permission> permissionsList =
118                 permissionLocalService.addPermissions(
119                     companyId, name, resource.getResourceId(), false);
120 
121             List<Permission> userPermissionsList =
122                 permissionsListFilter.filterUserPermissions(
123                     companyId, groupId, userId, name, primKey, false,
124                     permissionsList);
125 
126             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
127 
128                 // Owner permissions
129 
130                 Role ownerRole = roleLocalService.getRole(
131                     companyId, RoleConstants.OWNER);
132 
133                 rolePersistence.addPermissions(
134                     ownerRole.getRoleId(), userPermissionsList);
135             }
136             else {
137 
138                 // User permissions
139 
140                 if ((userId > 0) && (userId != defaultUserId)) {
141                     userPersistence.addPermissions(userId, userPermissionsList);
142                 }
143             }
144 
145             // Community permissions
146 
147             if (groupId > 0) {
148                 Group group = groupPersistence.findByPrimaryKey(groupId);
149 
150                 if (communityPermissions == null) {
151                     communityPermissions = new String[0];
152                 }
153 
154                 List<Permission> communityPermissionsList =
155                     permissionLocalService.getPermissions(
156                         companyId, communityPermissions,
157                         resource.getResourceId());
158 
159                 communityPermissionsList =
160                     permissionsListFilter.filterCommunityPermissions(
161                         companyId, groupId, userId, name, primKey, false,
162                         communityPermissionsList);
163 
164                 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
165                     Role role = null;
166 
167                     if (group.isCommunity()) {
168                         role = roleLocalService.getRole(
169                             companyId, RoleConstants.COMMUNITY_MEMBER);
170                     }
171                     else if (group.isOrganization()) {
172                         role = roleLocalService.getRole(
173                             companyId, RoleConstants.ORGANIZATION_MEMBER);
174                     }
175                     else if (group.isUser() || group.isUserGroup()) {
176                         role = roleLocalService.getRole(
177                             companyId, RoleConstants.POWER_USER);
178                     }
179 
180                     rolePersistence.addPermissions(
181                         role.getRoleId(), communityPermissionsList);
182                 }
183                 else {
184                     groupPersistence.addPermissions(
185                         groupId, communityPermissionsList);
186                 }
187             }
188 
189             // Guest permissions
190 
191             if (guestPermissions == null) {
192                 guestPermissions = new String[0];
193             }
194 
195             List<Permission> guestPermissionsList =
196                 permissionLocalService.getPermissions(
197                     companyId, guestPermissions, resource.getResourceId());
198 
199             guestPermissionsList = permissionsListFilter.filterGuestPermissions(
200                 companyId, groupId, userId, name, primKey, false,
201                 guestPermissionsList);
202 
203             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
204 
205                 // Guest permissions
206 
207                 Role guestRole = roleLocalService.getRole(
208                     companyId, RoleConstants.GUEST);
209 
210                 rolePersistence.addPermissions(
211                     guestRole.getRoleId(), guestPermissionsList);
212             }
213             else {
214                 userPersistence.addPermissions(
215                     defaultUserId, guestPermissionsList);
216             }
217         }
218     }
219 
220     public Resource addResource(
221             long companyId, String name, int scope, String primKey)
222         throws SystemException {
223 
224         ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
225             companyId, name, scope);
226 
227         Resource resource = resourcePersistence.fetchByC_P(
228             resourceCode.getCodeId(), primKey);
229 
230         if (resource == null) {
231             long resourceId = counterLocalService.increment(
232                 Resource.class.getName());
233 
234             resource = resourcePersistence.create(resourceId);
235 
236             resource.setCodeId(resourceCode.getCodeId());
237             resource.setPrimKey(primKey);
238 
239             resourcePersistence.update(resource, false);
240         }
241 
242         return resource;
243     }
244 
245     public void addResources(
246             long companyId, long groupId, String name, boolean portletActions)
247         throws PortalException, SystemException {
248 
249         addResources(
250             companyId, groupId, 0, name, null, portletActions, false, false);
251     }
252 
253     public void addResources(
254             long companyId, long groupId, long userId, String name,
255             long primKey, boolean portletActions,
256             boolean addCommunityPermissions, boolean addGuestPermissions)
257         throws PortalException, SystemException {
258 
259         addResources(
260             companyId, groupId, userId, name, String.valueOf(primKey),
261             portletActions, addCommunityPermissions, addGuestPermissions);
262     }
263 
264     public void addResources(
265             long companyId, long groupId, long userId, String name,
266             String primKey, boolean portletActions,
267             boolean addCommunityPermissions, boolean addGuestPermissions)
268         throws PortalException, SystemException {
269 
270         StopWatch stopWatch = null;
271 
272         if (_log.isDebugEnabled()) {
273             stopWatch = new StopWatch();
274 
275             stopWatch.start();
276         }
277 
278         validate(companyId, name, portletActions);
279 
280         logAddResources(name, primKey, stopWatch, 1);
281 
282         // Company
283 
284         addResource(
285             companyId, name, ResourceConstants.SCOPE_COMPANY,
286             String.valueOf(companyId));
287 
288         logAddResources(name, primKey, stopWatch, 2);
289 
290         if (groupId > 0) {
291             addResource(
292                 companyId, name, ResourceConstants.SCOPE_GROUP,
293                 String.valueOf(groupId));
294         }
295 
296         logAddResources(name, primKey, stopWatch, 3);
297 
298         if (primKey != null) {
299 
300             // Individual
301 
302             Resource resource = addResource(
303                 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
304 
305             logAddResources(name, primKey, stopWatch, 4);
306 
307             // Permissions
308 
309             List<Permission> permissionsList =
310                 permissionLocalService.addPermissions(
311                     companyId, name, resource.getResourceId(), portletActions);
312 
313             logAddResources(name, primKey, stopWatch, 5);
314 
315             PermissionsListFilter permissionsListFilter =
316                 PermissionsListFilterFactory.getInstance();
317 
318             List<Permission> userPermissionsList =
319                 permissionsListFilter.filterUserPermissions(
320                     companyId, groupId, userId, name, primKey,
321                     portletActions, permissionsList);
322 
323             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
324 
325                 // Owner permissions
326 
327                 Role ownerRole = roleLocalService.getRole(
328                     companyId, RoleConstants.OWNER);
329 
330                 rolePersistence.addPermissions(
331                     ownerRole.getRoleId(), userPermissionsList);
332             }
333             else {
334 
335                 // User permissions
336 
337                 long defaultUserId = userLocalService.getDefaultUserId(
338                     companyId);
339 
340                 if ((userId > 0) && (userId != defaultUserId)) {
341                     userPersistence.addPermissions(userId, userPermissionsList);
342                 }
343             }
344 
345             logAddResources(name, primKey, stopWatch, 6);
346 
347             // Community permissions
348 
349             if ((groupId > 0) && addCommunityPermissions) {
350                 addCommunityPermissions(
351                     companyId, groupId, userId, name, resource, portletActions);
352             }
353 
354             logAddResources(name, primKey, stopWatch, 7);
355 
356             // Guest permissions
357 
358             if (addGuestPermissions) {
359 
360                 // Don't add guest permissions when you've already added
361                 // community permissions and the given community is the guest
362                 // community.
363 
364                 addGuestPermissions(
365                     companyId, groupId, userId, name, resource, portletActions);
366             }
367 
368             logAddResources(name, primKey, stopWatch, 8);
369         }
370     }
371 
372     public void deleteResource(long resourceId) throws SystemException {
373         try {
374             Resource resource = resourcePersistence.findByPrimaryKey(
375                 resourceId);
376 
377             deleteResource(resource);
378         }
379         catch (NoSuchResourceException nsre) {
380             _log.warn(nsre);
381         }
382     }
383 
384     public void deleteResource(Resource resource) throws SystemException {
385 
386         // Permissions
387 
388         List<Permission> permissions = permissionPersistence.findByResourceId(
389             resource.getResourceId());
390 
391         for (Permission permission : permissions) {
392             orgGroupPermissionPersistence.removeByPermissionId(
393                 permission.getPermissionId());
394         }
395 
396         permissionPersistence.removeByResourceId(resource.getResourceId());
397 
398         // Resource
399 
400         resourcePersistence.remove(resource);
401     }
402 
403     public void deleteResource(
404             long companyId, String name, int scope, long primKey)
405         throws PortalException, SystemException {
406 
407         deleteResource(companyId, name, scope, String.valueOf(primKey));
408     }
409 
410     public void deleteResource(
411             long companyId, String name, int scope, String primKey)
412         throws PortalException, SystemException {
413 
414         try {
415             Resource resource = getResource(companyId, name, scope, primKey);
416 
417             deleteResource(resource.getResourceId());
418         }
419         catch (NoSuchResourceException nsre) {
420             _log.warn(nsre);
421         }
422     }
423 
424     public void deleteResources(String name) throws SystemException {
425         List<Resource> resources = resourceFinder.findByName(name);
426 
427         for (Resource resource : resources) {
428             deleteResource(resource);
429         }
430     }
431 
432     public long getLatestResourceId() throws SystemException {
433         List<Resource> resources = resourcePersistence.findAll(
434             0, 1, new ResourceComparator());
435 
436         if (resources.size() == 0) {
437             return 0;
438         }
439         else {
440             Resource resource = resources.get(0);
441 
442             return resource.getResourceId();
443         }
444     }
445 
446     public Resource getResource(long resourceId)
447         throws PortalException, SystemException {
448 
449         return resourcePersistence.findByPrimaryKey(resourceId);
450     }
451 
452     public List<Resource> getResources() throws SystemException {
453         return resourcePersistence.findAll();
454     }
455 
456     public Resource getResource(
457             long companyId, String name, int scope, String primKey)
458         throws PortalException, SystemException {
459 
460         ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
461             companyId, name, scope);
462 
463         return resourcePersistence.findByC_P(resourceCode.getCodeId(), primKey);
464     }
465 
466     protected void addCommunityPermissions(
467             long companyId, long groupId, long userId, String name,
468             Resource resource, boolean portletActions)
469         throws PortalException, SystemException {
470 
471         StopWatch stopWatch = null;
472 
473         if (_log.isDebugEnabled()) {
474             stopWatch = new StopWatch();
475 
476             stopWatch.start();
477         }
478 
479         Group group = groupPersistence.findByPrimaryKey(groupId);
480 
481         long resourceId = resource.getResourceId();
482         String primKey = resource.getPrimKey();
483 
484         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 1);
485 
486         List<String> actions = null;
487 
488         if (portletActions) {
489             actions =
490                 ResourceActionsUtil.getPortletResourceCommunityDefaultActions(
491                     name);
492         }
493         else {
494             actions =
495                 ResourceActionsUtil.getModelResourceCommunityDefaultActions(
496                     name);
497         }
498 
499         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 2);
500 
501         String[] actionIds = actions.toArray(new String[actions.size()]);
502 
503         List<Permission> communityPermissionsList =
504             permissionLocalService.getPermissions(
505                 group.getCompanyId(), actionIds, resourceId);
506 
507         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 3);
508 
509         PermissionsListFilter permissionsListFilter =
510             PermissionsListFilterFactory.getInstance();
511 
512         communityPermissionsList =
513             permissionsListFilter.filterCommunityPermissions(
514                 companyId, groupId, userId, name, primKey, portletActions,
515                 communityPermissionsList);
516 
517         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 4);
518 
519         if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
520             Role role = null;
521 
522             if (group.isCommunity()) {
523                 role = roleLocalService.getRole(
524                     companyId, RoleConstants.COMMUNITY_MEMBER);
525             }
526             else if (group.isOrganization()) {
527                 role = roleLocalService.getRole(
528                     companyId, RoleConstants.ORGANIZATION_MEMBER);
529             }
530             else if (group.isUser() || group.isUserGroup()) {
531                 role = roleLocalService.getRole(
532                     companyId, RoleConstants.POWER_USER);
533             }
534 
535             rolePersistence.addPermissions(
536                 role.getRoleId(), communityPermissionsList);
537         }
538         else {
539             groupPersistence.addPermissions(groupId, communityPermissionsList);
540         }
541 
542         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 5);
543     }
544 
545     protected void addGuestPermissions(
546             long companyId, long groupId, long userId, String name,
547             Resource resource, boolean portletActions)
548         throws PortalException, SystemException {
549 
550         List<String> actions = null;
551 
552         if (portletActions) {
553             actions = ResourceActionsUtil.getPortletResourceGuestDefaultActions(
554                 name);
555         }
556         else {
557             actions = ResourceActionsUtil.getModelResourceGuestDefaultActions(
558                 name);
559         }
560 
561         String[] actionIds = actions.toArray(new String[actions.size()]);
562 
563         List<Permission> guestPermissionsList =
564             permissionLocalService.getPermissions(
565                 companyId, actionIds, resource.getResourceId());
566 
567         PermissionsListFilter permissionsListFilter =
568             PermissionsListFilterFactory.getInstance();
569 
570         guestPermissionsList =
571             permissionsListFilter.filterGuestPermissions(
572                 companyId, groupId, userId, name, resource.getPrimKey(),
573                 portletActions, guestPermissionsList);
574 
575         if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
576             Role guestRole = roleLocalService.getRole(
577                 companyId, RoleConstants.GUEST);
578 
579             rolePersistence.addPermissions(
580                 guestRole.getRoleId(), guestPermissionsList);
581         }
582         else {
583             long defaultUserId = userLocalService.getDefaultUserId(companyId);
584 
585             userPersistence.addPermissions(defaultUserId, guestPermissionsList);
586         }
587     }
588 
589     protected void logAddCommunityPermissions(
590         long groupId, String name, long resourceId, StopWatch stopWatch,
591         int block) {
592 
593         if (!_log.isDebugEnabled()) {
594             return;
595         }
596 
597         _log.debug(
598             "Adding community permissions block " + block + " for " + groupId +
599                 " " + name + " " + resourceId + " takes " +
600                     stopWatch.getTime() + " ms");
601     }
602 
603     protected void logAddResources(
604         String name, String primKey, StopWatch stopWatch, int block) {
605 
606         if (!_log.isDebugEnabled()) {
607             return;
608         }
609 
610         _log.debug(
611             "Adding resources block " + block + " for " + name + " " + primKey +
612                 " takes " + stopWatch.getTime() + " ms");
613     }
614 
615     protected void validate(
616             long companyId, String name, boolean portletActions)
617         throws PortalException, SystemException {
618 
619         List<String> actions = null;
620 
621         if (portletActions) {
622             actions = ResourceActionsUtil.getPortletResourceActions(
623                 companyId, name);
624         }
625         else {
626             actions = ResourceActionsUtil.getModelResourceActions(name);
627         }
628 
629         if (actions.size() == 0) {
630             throw new ResourceActionsException(
631                 "There are no actions associated with the resource " + name);
632         }
633     }
634 
635     private static Log _log = LogFactory.getLog(ResourceLocalServiceImpl.class);
636 
637 }