1   /**
2    * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.impl;
24  
25  import com.liferay.portal.NoSuchResourceException;
26  import com.liferay.portal.PortalException;
27  import com.liferay.portal.ResourceActionsException;
28  import com.liferay.portal.SystemException;
29  import com.liferay.portal.model.Group;
30  import com.liferay.portal.model.GroupConstants;
31  import com.liferay.portal.model.Permission;
32  import com.liferay.portal.model.Resource;
33  import com.liferay.portal.model.ResourceCode;
34  import com.liferay.portal.model.ResourceConstants;
35  import com.liferay.portal.model.Role;
36  import com.liferay.portal.model.RoleConstants;
37  import com.liferay.portal.security.permission.PermissionsListFilter;
38  import com.liferay.portal.security.permission.PermissionsListFilterFactory;
39  import com.liferay.portal.security.permission.ResourceActionsUtil;
40  import com.liferay.portal.service.base.ResourceLocalServiceBaseImpl;
41  import com.liferay.portal.util.PropsValues;
42  import com.liferay.portal.util.comparator.ResourceComparator;
43  
44  import java.util.List;
45  
46  import org.apache.commons.lang.time.StopWatch;
47  import org.apache.commons.logging.Log;
48  import org.apache.commons.logging.LogFactory;
49  
50  /**
51   * <a href="ResourceLocalServiceImpl.java.html"><b><i>View Source</i></b></a>
52   *
53   * @author Brian Wing Shun Chan
54   * @author Wilson S. Man
55   * @author Raymond Augé
56   *
57   */
58  public class ResourceLocalServiceImpl extends ResourceLocalServiceBaseImpl {
59  
60      public void addModelResources(
61              long companyId, long groupId, long userId, String name,
62              long primKey, String[] communityPermissions,
63              String[] guestPermissions)
64          throws PortalException, SystemException {
65  
66          addModelResources(
67              companyId, groupId, userId, name, String.valueOf(primKey),
68              communityPermissions, guestPermissions);
69      }
70  
71      public void addModelResources(
72              long companyId, long groupId, long userId, String name,
73              String primKey, String[] communityPermissions,
74              String[] guestPermissions)
75          throws PortalException, SystemException {
76  
77          validate(companyId, name, false);
78  
79          // Company
80  
81          addResource(
82              companyId, name, ResourceConstants.SCOPE_COMPANY,
83              String.valueOf(companyId));
84  
85          // Guest
86  
87          Group guestGroup = groupLocalService.getGroup(
88              companyId, GroupConstants.GUEST);
89  
90          addResource(
91              companyId, name, ResourceConstants.SCOPE_GROUP,
92              String.valueOf(guestGroup.getGroupId()));
93  
94          // Group
95  
96          if ((groupId > 0) && (guestGroup.getGroupId() != groupId)) {
97              addResource(
98                  companyId, name, ResourceConstants.SCOPE_GROUP,
99                  String.valueOf(groupId));
100         }
101 
102         if (primKey != null) {
103 
104             // Individual
105 
106             Resource resource = addResource(
107                 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
108 
109             long defaultUserId = userLocalService.getDefaultUserId(
110                 companyId);
111 
112             PermissionsListFilter permissionsListFilter =
113                 PermissionsListFilterFactory.getInstance();
114 
115             // Permissions
116 
117             List<Permission> permissionsList =
118                 permissionLocalService.addPermissions(
119                     companyId, name, resource.getResourceId(), false);
120 
121             List<Permission> userPermissionsList =
122                 permissionsListFilter.filterUserPermissions(
123                     companyId, groupId, userId, name, primKey, false,
124                     permissionsList);
125 
126             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
127 
128                 // Owner permissions
129 
130                 Role ownerRole = roleLocalService.getRole(
131                     companyId, RoleConstants.OWNER);
132 
133                 rolePersistence.addPermissions(
134                     ownerRole.getRoleId(), userPermissionsList);
135             }
136             else {
137 
138                 // User permissions
139 
140                 if ((userId > 0) && (userId != defaultUserId)) {
141                     userPersistence.addPermissions(userId, userPermissionsList);
142                 }
143             }
144 
145             // Community permissions
146 
147             if (groupId > 0) {
148                 Group group = groupPersistence.findByPrimaryKey(groupId);
149 
150                 if (communityPermissions == null) {
151                     communityPermissions = new String[0];
152                 }
153 
154                 List<Permission> communityPermissionsList =
155                     permissionLocalService.getPermissions(
156                         companyId, communityPermissions,
157                         resource.getResourceId());
158 
159                 communityPermissionsList =
160                     permissionsListFilter.filterCommunityPermissions(
161                         companyId, groupId, userId, name, primKey, false,
162                         communityPermissionsList);
163 
164                 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
165                     Role role = null;
166 
167                     if (group.isCommunity()) {
168                         role = roleLocalService.getRole(
169                             companyId, RoleConstants.COMMUNITY_MEMBER);
170                     }
171                     else if (group.isOrganization()) {
172                         role = roleLocalService.getRole(
173                             companyId, RoleConstants.ORGANIZATION_MEMBER);
174                     }
175                     else if (group.isUser() || group.isUserGroup()) {
176                         role = roleLocalService.getRole(
177                             companyId, RoleConstants.POWER_USER);
178                     }
179 
180                     rolePersistence.addPermissions(
181                         role.getRoleId(), communityPermissionsList);
182                 }
183                 else {
184                     groupPersistence.addPermissions(
185                         groupId, communityPermissionsList);
186                 }
187             }
188 
189             // Guest permissions
190 
191             if (guestPermissions == null) {
192                 guestPermissions = new String[0];
193             }
194 
195             List<Permission> guestPermissionsList =
196                 permissionLocalService.getPermissions(
197                     companyId, guestPermissions, resource.getResourceId());
198 
199             guestPermissionsList = permissionsListFilter.filterGuestPermissions(
200                 companyId, groupId, userId, name, primKey, false,
201                 guestPermissionsList);
202 
203             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
204 
205                 // Guest permissions
206 
207                 Role guestRole = roleLocalService.getRole(
208                     companyId, RoleConstants.GUEST);
209 
210                 rolePersistence.addPermissions(
211                     guestRole.getRoleId(), guestPermissionsList);
212             }
213             else {
214                 userPersistence.addPermissions(
215                     defaultUserId, guestPermissionsList);
216             }
217         }
218     }
219 
220     public Resource addResource(
221             long companyId, String name, int scope, String primKey)
222         throws SystemException {
223 
224         ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
225             companyId, name, scope);
226 
227         Resource resource = resourcePersistence.fetchByC_P(
228             resourceCode.getCodeId(), primKey);
229 
230         if (resource == null) {
231             long resourceId = counterLocalService.increment(
232                 Resource.class.getName());
233 
234             resource = resourcePersistence.create(resourceId);
235 
236             resource.setCodeId(resourceCode.getCodeId());
237             resource.setPrimKey(primKey);
238 
239             resourcePersistence.update(resource, false);
240         }
241 
242         return resource;
243     }
244 
245     public void addResources(
246             long companyId, long groupId, String name, boolean portletActions)
247         throws PortalException, SystemException {
248 
249         addResources(
250             companyId, groupId, 0, name, null, portletActions, false, false);
251     }
252 
253     public void addResources(
254             long companyId, long groupId, long userId, String name,
255             long primKey, boolean portletActions,
256             boolean addCommunityPermissions, boolean addGuestPermissions)
257         throws PortalException, SystemException {
258 
259         addResources(
260             companyId, groupId, userId, name, String.valueOf(primKey),
261             portletActions, addCommunityPermissions, addGuestPermissions);
262     }
263 
264     public void addResources(
265             long companyId, long groupId, long userId, String name,
266             String primKey, boolean portletActions,
267             boolean addCommunityPermissions, boolean addGuestPermissions)
268         throws PortalException, SystemException {
269 
270         StopWatch stopWatch = null;
271 
272         if (_log.isDebugEnabled()) {
273             stopWatch = new StopWatch();
274 
275             stopWatch.start();
276         }
277 
278         validate(companyId, name, portletActions);
279 
280         logAddResources(name, primKey, stopWatch, 1);
281 
282         // Company
283 
284         addResource(
285             companyId, name, ResourceConstants.SCOPE_COMPANY,
286             String.valueOf(companyId));
287 
288         logAddResources(name, primKey, stopWatch, 2);
289 
290         if (groupId > 0) {
291             addResource(
292                 companyId, name, ResourceConstants.SCOPE_GROUP,
293                 String.valueOf(groupId));
294         }
295 
296         logAddResources(name, primKey, stopWatch, 3);
297 
298         if (primKey != null) {
299 
300             // Individual
301 
302             Resource resource = addResource(
303                 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
304 
305             logAddResources(name, primKey, stopWatch, 4);
306 
307             // Permissions
308 
309             List<Permission> permissionsList =
310                 permissionLocalService.addPermissions(
311                     companyId, name, resource.getResourceId(), portletActions);
312 
313             logAddResources(name, primKey, stopWatch, 5);
314 
315             PermissionsListFilter permissionsListFilter =
316                 PermissionsListFilterFactory.getInstance();
317 
318             List<Permission> userPermissionsList =
319                 permissionsListFilter.filterUserPermissions(
320                     companyId, groupId, userId, name, primKey,
321                     portletActions, permissionsList);
322 
323             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
324 
325                 // Owner permissions
326 
327                 Role ownerRole = roleLocalService.getRole(
328                     companyId, RoleConstants.OWNER);
329 
330                 rolePersistence.addPermissions(
331                     ownerRole.getRoleId(), userPermissionsList);
332             }
333             else {
334 
335                 // User permissions
336 
337                 long defaultUserId = userLocalService.getDefaultUserId(
338                     companyId);
339 
340                 if ((userId > 0) && (userId != defaultUserId)) {
341                     userPersistence.addPermissions(userId, userPermissionsList);
342                 }
343             }
344 
345             logAddResources(name, primKey, stopWatch, 6);
346 
347             // Community permissions
348 
349             if ((groupId > 0) && addCommunityPermissions) {
350                 addCommunityPermissions(
351                     companyId, groupId, userId, name, resource, portletActions);
352             }
353 
354             logAddResources(name, primKey, stopWatch, 7);
355 
356             // Guest permissions
357 
358             if (addGuestPermissions) {
359 
360                 // Don't add guest permissions when you've already added
361                 // community permissions and the given community is the guest
362                 // community.
363 
364                 addGuestPermissions(
365                     companyId, groupId, userId, name, resource, portletActions);
366             }
367 
368             logAddResources(name, primKey, stopWatch, 8);
369         }
370     }
371 
372     public void deleteResource(long resourceId) throws SystemException {
373         try {
374             Resource resource = resourcePersistence.findByPrimaryKey(
375                 resourceId);
376 
377             deleteResource(resource);
378         }
379         catch (NoSuchResourceException nsre) {
380             if (_log.isWarnEnabled()) {
381                 _log.warn(nsre);
382             }
383         }
384     }
385 
386     public void deleteResource(Resource resource) throws SystemException {
387 
388         // Permissions
389 
390         List<Permission> permissions = permissionPersistence.findByResourceId(
391             resource.getResourceId());
392 
393         for (Permission permission : permissions) {
394             orgGroupPermissionPersistence.removeByPermissionId(
395                 permission.getPermissionId());
396         }
397 
398         permissionPersistence.removeByResourceId(resource.getResourceId());
399 
400         // Resource
401 
402         resourcePersistence.remove(resource);
403     }
404 
405     public void deleteResource(
406             long companyId, String name, int scope, long primKey)
407         throws PortalException, SystemException {
408 
409         deleteResource(companyId, name, scope, String.valueOf(primKey));
410     }
411 
412     public void deleteResource(
413             long companyId, String name, int scope, String primKey)
414         throws PortalException, SystemException {
415 
416         try {
417             Resource resource = getResource(companyId, name, scope, primKey);
418 
419             deleteResource(resource.getResourceId());
420         }
421         catch (NoSuchResourceException nsre) {
422             if (_log.isWarnEnabled()) {
423                 _log.warn(nsre);
424             }
425         }
426     }
427 
428     public void deleteResources(String name) throws SystemException {
429         List<Resource> resources = resourceFinder.findByName(name);
430 
431         for (Resource resource : resources) {
432             deleteResource(resource);
433         }
434     }
435 
436     public long getLatestResourceId() throws SystemException {
437         List<Resource> resources = resourcePersistence.findAll(
438             0, 1, new ResourceComparator());
439 
440         if (resources.size() == 0) {
441             return 0;
442         }
443         else {
444             Resource resource = resources.get(0);
445 
446             return resource.getResourceId();
447         }
448     }
449 
450     public Resource getResource(long resourceId)
451         throws PortalException, SystemException {
452 
453         return resourcePersistence.findByPrimaryKey(resourceId);
454     }
455 
456     public List<Resource> getResources() throws SystemException {
457         return resourcePersistence.findAll();
458     }
459 
460     public Resource getResource(
461             long companyId, String name, int scope, String primKey)
462         throws PortalException, SystemException {
463 
464         ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
465             companyId, name, scope);
466 
467         return resourcePersistence.findByC_P(resourceCode.getCodeId(), primKey);
468     }
469 
470     protected void addCommunityPermissions(
471             long companyId, long groupId, long userId, String name,
472             Resource resource, boolean portletActions)
473         throws PortalException, SystemException {
474 
475         StopWatch stopWatch = null;
476 
477         if (_log.isDebugEnabled()) {
478             stopWatch = new StopWatch();
479 
480             stopWatch.start();
481         }
482 
483         Group group = groupPersistence.findByPrimaryKey(groupId);
484 
485         long resourceId = resource.getResourceId();
486         String primKey = resource.getPrimKey();
487 
488         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 1);
489 
490         List<String> actions = null;
491 
492         if (portletActions) {
493             actions =
494                 ResourceActionsUtil.getPortletResourceCommunityDefaultActions(
495                     name);
496         }
497         else {
498             actions =
499                 ResourceActionsUtil.getModelResourceCommunityDefaultActions(
500                     name);
501         }
502 
503         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 2);
504 
505         String[] actionIds = actions.toArray(new String[actions.size()]);
506 
507         List<Permission> communityPermissionsList =
508             permissionLocalService.getPermissions(
509                 group.getCompanyId(), actionIds, resourceId);
510 
511         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 3);
512 
513         PermissionsListFilter permissionsListFilter =
514             PermissionsListFilterFactory.getInstance();
515 
516         communityPermissionsList =
517             permissionsListFilter.filterCommunityPermissions(
518                 companyId, groupId, userId, name, primKey, portletActions,
519                 communityPermissionsList);
520 
521         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 4);
522 
523         if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
524             Role role = null;
525 
526             if (group.isCommunity()) {
527                 role = roleLocalService.getRole(
528                     companyId, RoleConstants.COMMUNITY_MEMBER);
529             }
530             else if (group.isOrganization()) {
531                 role = roleLocalService.getRole(
532                     companyId, RoleConstants.ORGANIZATION_MEMBER);
533             }
534             else if (group.isUser() || group.isUserGroup()) {
535                 role = roleLocalService.getRole(
536                     companyId, RoleConstants.POWER_USER);
537             }
538 
539             rolePersistence.addPermissions(
540                 role.getRoleId(), communityPermissionsList);
541         }
542         else {
543             groupPersistence.addPermissions(groupId, communityPermissionsList);
544         }
545 
546         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 5);
547     }
548 
549     protected void addGuestPermissions(
550             long companyId, long groupId, long userId, String name,
551             Resource resource, boolean portletActions)
552         throws PortalException, SystemException {
553 
554         List<String> actions = null;
555 
556         if (portletActions) {
557             actions = ResourceActionsUtil.getPortletResourceGuestDefaultActions(
558                 name);
559         }
560         else {
561             actions = ResourceActionsUtil.getModelResourceGuestDefaultActions(
562                 name);
563         }
564 
565         String[] actionIds = actions.toArray(new String[actions.size()]);
566 
567         List<Permission> guestPermissionsList =
568             permissionLocalService.getPermissions(
569                 companyId, actionIds, resource.getResourceId());
570 
571         PermissionsListFilter permissionsListFilter =
572             PermissionsListFilterFactory.getInstance();
573 
574         guestPermissionsList =
575             permissionsListFilter.filterGuestPermissions(
576                 companyId, groupId, userId, name, resource.getPrimKey(),
577                 portletActions, guestPermissionsList);
578 
579         if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
580             Role guestRole = roleLocalService.getRole(
581                 companyId, RoleConstants.GUEST);
582 
583             rolePersistence.addPermissions(
584                 guestRole.getRoleId(), guestPermissionsList);
585         }
586         else {
587             long defaultUserId = userLocalService.getDefaultUserId(companyId);
588 
589             userPersistence.addPermissions(defaultUserId, guestPermissionsList);
590         }
591     }
592 
593     protected void logAddCommunityPermissions(
594         long groupId, String name, long resourceId, StopWatch stopWatch,
595         int block) {
596 
597         if (!_log.isDebugEnabled()) {
598             return;
599         }
600 
601         _log.debug(
602             "Adding community permissions block " + block + " for " + groupId +
603                 " " + name + " " + resourceId + " takes " +
604                     stopWatch.getTime() + " ms");
605     }
606 
607     protected void logAddResources(
608         String name, String primKey, StopWatch stopWatch, int block) {
609 
610         if (!_log.isDebugEnabled()) {
611             return;
612         }
613 
614         _log.debug(
615             "Adding resources block " + block + " for " + name + " " + primKey +
616                 " takes " + stopWatch.getTime() + " ms");
617     }
618 
619     protected void validate(
620             long companyId, String name, boolean portletActions)
621         throws PortalException, SystemException {
622 
623         List<String> actions = null;
624 
625         if (portletActions) {
626             actions = ResourceActionsUtil.getPortletResourceActions(
627                 companyId, name);
628         }
629         else {
630             actions = ResourceActionsUtil.getModelResourceActions(name);
631         }
632 
633         if (actions.size() == 0) {
634             throw new ResourceActionsException(
635                 "There are no actions associated with the resource " + name);
636         }
637     }
638 
639     private static Log _log = LogFactory.getLog(ResourceLocalServiceImpl.class);
640 
641 }