1
14
15 package com.liferay.portal.service.permission;
16
17 import com.liferay.portal.kernel.exception.PortalException;
18 import com.liferay.portal.kernel.exception.SystemException;
19 import com.liferay.portal.kernel.log.Log;
20 import com.liferay.portal.kernel.log.LogFactoryUtil;
21 import com.liferay.portal.model.Group;
22 import com.liferay.portal.model.Layout;
23 import com.liferay.portal.model.Portlet;
24 import com.liferay.portal.model.PortletConstants;
25 import com.liferay.portal.security.auth.PrincipalException;
26 import com.liferay.portal.security.permission.ActionKeys;
27 import com.liferay.portal.security.permission.PermissionChecker;
28 import com.liferay.portal.security.permission.ResourceActionsUtil;
29 import com.liferay.portal.service.GroupLocalServiceUtil;
30 import com.liferay.portal.service.LayoutLocalServiceUtil;
31 import com.liferay.portal.util.PropsValues;
32
33 import java.util.List;
34
35
40 public class PortletPermissionImpl implements PortletPermission {
41
42 public static final boolean DEFAULT_STRICT = false;
43
44 public void check(
45 PermissionChecker permissionChecker, long plid, String portletId,
46 String actionId)
47 throws PortalException, SystemException {
48
49 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
50 }
51
52 public void check(
53 PermissionChecker permissionChecker, long plid, String portletId,
54 String actionId, boolean strict)
55 throws PortalException, SystemException {
56
57 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
58 throw new PrincipalException();
59 }
60 }
61
62 public void check(
63 PermissionChecker permissionChecker, String portletId,
64 String actionId)
65 throws PortalException, SystemException {
66
67 if (!contains(permissionChecker, portletId, actionId)) {
68 throw new PrincipalException();
69 }
70 }
71
72 public boolean contains(
73 PermissionChecker permissionChecker, long plid, Portlet portlet,
74 String actionId)
75 throws PortalException, SystemException {
76
77 return contains(
78 permissionChecker, plid, portlet, actionId, DEFAULT_STRICT);
79 }
80
81 public boolean contains(
82 PermissionChecker permissionChecker, long plid, Portlet portlet,
83 String actionId, boolean strict)
84 throws PortalException, SystemException {
85
86 if (portlet.isUndeployedPortlet()) {
87 return false;
88 }
89
90 boolean value = contains(
91 permissionChecker, plid, portlet.getPortletId(), actionId, strict);
92
93 if (value) {
94 return true;
95 }
96 else {
97 if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
98 return true;
99 }
100 else {
101 return false;
102 }
103 }
104 }
105
106 public boolean contains(
107 PermissionChecker permissionChecker, long plid, String portletId,
108 String actionId)
109 throws PortalException, SystemException {
110
111 return contains(
112 permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
113 }
114
115 public boolean contains(
116 PermissionChecker permissionChecker, long plid, String portletId,
117 String actionId, boolean strict)
118 throws PortalException, SystemException {
119
120 long groupId = 0;
121 String name = null;
122 String primKey = null;
123
124 if (plid > 0) {
125 Layout layout = LayoutLocalServiceUtil.getLayout(plid);
126
127 groupId = layout.getGroupId();
128 name = PortletConstants.getRootPortletId(portletId);
129 primKey = getPrimaryKey(plid, portletId);
130
131 if ((layout.isPrivateLayout() &&
132 !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
133 (layout.isPublicLayout() &&
134 !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
135
136 if (actionId.equals(ActionKeys.CONFIGURATION)) {
137 Group group = GroupLocalServiceUtil.getGroup(
138 layout.getGroupId());
139
140 if (group.isUser()) {
141 return false;
142 }
143 }
144 }
145
146 if (actionId.equals(ActionKeys.VIEW)) {
147 Group group = GroupLocalServiceUtil.getGroup(
148 layout.getGroupId());
149
150 if (group.isControlPanel()) {
151 return true;
152 }
153 }
154
155 if (!strict) {
156 if (LayoutPermissionUtil.contains(
157 permissionChecker, groupId, layout.isPrivateLayout(),
158 layout.getLayoutId(), ActionKeys.UPDATE) &&
159 hasLayoutManagerPermission(portletId, actionId)) {
160
161 return true;
162 }
163 }
164 }
165 else {
166 name = portletId;
167 primKey = portletId;
168 }
169
170 return permissionChecker.hasPermission(
171 groupId, name, primKey, actionId);
172 }
173
174 public boolean contains(
175 PermissionChecker permissionChecker, String portletId,
176 String actionId)
177 throws PortalException, SystemException {
178
179 return contains(permissionChecker, 0, portletId, actionId);
180 }
181
182 public String getPrimaryKey(long plid, String portletId) {
183 return String.valueOf(plid).concat(
184 PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
185 }
186
187 public boolean hasLayoutManagerPermission(
188 String portletId, String actionId) {
189
190 try {
191 return hasLayoutManagerPermissionImpl(portletId, actionId);
192 }
193 catch (Exception e) {
194 _log.error(e, e);
195
196 return false;
197 }
198 }
199
200 protected boolean hasLayoutManagerPermissionImpl(
201 String portletId, String actionId) {
202
203 portletId = PortletConstants.getRootPortletId(portletId);
204
205 List<String> layoutManagerActions =
206 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
207 portletId);
208
209 return layoutManagerActions.contains(actionId);
210 }
211
212 private static Log _log = LogFactoryUtil.getLog(
213 PortletPermissionImpl.class);
214
215 }