1
22
23 package com.liferay.portal.service.impl;
24
25 import com.liferay.portal.NoSuchResourcePermissionException;
26 import com.liferay.portal.PortalException;
27 import com.liferay.portal.SystemException;
28 import com.liferay.portal.kernel.search.SearchEngineUtil;
29 import com.liferay.portal.model.ResourceAction;
30 import com.liferay.portal.model.ResourceConstants;
31 import com.liferay.portal.model.ResourcePermission;
32 import com.liferay.portal.model.ResourcePermissionConstants;
33 import com.liferay.portal.model.Role;
34 import com.liferay.portal.model.RoleConstants;
35 import com.liferay.portal.security.permission.PermissionCacheUtil;
36 import com.liferay.portal.security.permission.ResourceActionsUtil;
37 import com.liferay.portal.service.base.ResourcePermissionLocalServiceBaseImpl;
38 import com.liferay.portal.util.PortalUtil;
39
40 import java.util.ArrayList;
41 import java.util.Collections;
42 import java.util.List;
43
44
52 public class ResourcePermissionLocalServiceImpl
53 extends ResourcePermissionLocalServiceBaseImpl {
54
55 public void addResourcePermission(
56 long companyId, String name, int scope, String primKey, long roleId,
57 String actionId)
58 throws PortalException, SystemException {
59
60 if (scope == ResourceConstants.SCOPE_COMPANY) {
61
62
64 removeResourcePermissions(
65 companyId, name, ResourceConstants.SCOPE_GROUP, roleId,
66 actionId);
67 }
68 else if (scope == ResourceConstants.SCOPE_GROUP) {
69
70
72 removeResourcePermissions(
73 companyId, name, ResourceConstants.SCOPE_COMPANY, roleId,
74 actionId);
75 }
76 else if (scope == ResourceConstants.SCOPE_INDIVIDUAL) {
77 throw new NoSuchResourcePermissionException();
78 }
79
80 updateResourcePermission(
81 companyId, name, scope, primKey, roleId, new String[] {actionId},
82 ResourcePermissionConstants.OPERATOR_ADD);
83
84 PermissionCacheUtil.clearCache();
85 }
86
87 public List<String> getAvailableResourcePermissionActionIds(
88 long companyId, String name, int scope, String primKey, long roleId,
89 List<String> actionIds)
90 throws PortalException, SystemException {
91
92 ResourcePermission resourcePermission =
93 resourcePermissionPersistence.fetchByC_N_S_P_R(
94 companyId, name, scope, primKey, roleId);
95
96 if (resourcePermission == null) {
97 return Collections.EMPTY_LIST;
98 }
99
100 List<String> availableActionIds = new ArrayList<String>(
101 actionIds.size());
102
103 for (String actionId : actionIds) {
104 ResourceAction resourceAction =
105 resourceActionLocalService.getResourceAction(name, actionId);
106
107 if (hasActionId(resourcePermission, resourceAction)) {
108 availableActionIds.add(actionId);
109 }
110 }
111
112 return availableActionIds;
113 }
114
115 public int getResourcePermissionsCount(
116 long companyId, String name, int scope, String primKey)
117 throws SystemException {
118
119 return resourcePermissionPersistence.countByC_N_S_P(
120 companyId, name, scope, primKey);
121 }
122
123 public List<ResourcePermission> getRoleResourcePermissions(long roleId)
124 throws SystemException {
125
126 return resourcePermissionPersistence.findByRoleId(roleId);
127 }
128
129 public boolean hasActionId(
130 ResourcePermission resourcePermission, ResourceAction resourceAction) {
131
132 long actionIds = resourcePermission.getActionIds();
133 long bitwiseValue = resourceAction.getBitwiseValue();
134
135 if ((actionIds & bitwiseValue) == bitwiseValue) {
136 return true;
137 }
138 else {
139 return false;
140 }
141 }
142
143 public boolean hasResourcePermission(
144 long companyId, String name, int scope, String primKey, long roleId,
145 String actionId)
146 throws PortalException, SystemException {
147
148 ResourcePermission resourcePermission =
149 resourcePermissionPersistence.fetchByC_N_S_P_R(
150 companyId, name, scope, primKey, roleId);
151
152 if (resourcePermission == null) {
153 return false;
154 }
155
156 ResourceAction resourceAction =
157 resourceActionLocalService.getResourceAction(name, actionId);
158
159 if (hasActionId(resourcePermission, resourceAction)) {
160 return true;
161 }
162 else {
163 return false;
164 }
165 }
166
167 public boolean hasScopeResourcePermission(
168 long companyId, String name, int scope, long roleId,
169 String actionId)
170 throws PortalException, SystemException {
171
172 List<ResourcePermission> resourcePermissions =
173 resourcePermissionPersistence.findByC_N_S(companyId, name, scope);
174
175 for (ResourcePermission resourcePermission : resourcePermissions) {
176 if (hasResourcePermission(
177 companyId, name, scope, resourcePermission.getPrimKey(),
178 roleId, actionId)) {
179
180 return true;
181 }
182 }
183
184 return false;
185 }
186
187 public void mergePermissions(long fromRoleId, long toRoleId)
188 throws PortalException, SystemException {
189
190 Role fromRole = rolePersistence.findByPrimaryKey(fromRoleId);
191 Role toRole = rolePersistence.findByPrimaryKey(toRoleId);
192
193 if (fromRole.getType() != toRole.getType()) {
194 throw new PortalException("Role types are mismatched");
195 }
196 else if (PortalUtil.isSystemRole(toRole.getName())) {
197 throw new PortalException("Cannot move permissions to system role");
198 }
199 else if (PortalUtil.isSystemRole(fromRole.getName())) {
200 throw new PortalException(
201 "Cannot move permissions from system role");
202 }
203
204 List<ResourcePermission> resourcePermissions =
205 getRoleResourcePermissions(fromRoleId);
206
207 for (ResourcePermission resourcePermission : resourcePermissions) {
208 resourcePermission.setRoleId(toRoleId);
209
210 resourcePermissionPersistence.update(resourcePermission, false);
211 }
212
213 roleLocalService.deleteRole(fromRoleId);
214
215 PermissionCacheUtil.clearCache();
216 }
217
218 public void reassignPermissions(long resourcePermissionId, long toRoleId)
219 throws PortalException, SystemException {
220
221 ResourcePermission resourcePermission = getResourcePermission(
222 resourcePermissionId);
223
224 long companyId = resourcePermission.getCompanyId();
225 String name = resourcePermission.getName();
226 int scope = resourcePermission.getScope();
227 String primKey = resourcePermission.getPrimKey();
228 long fromRoleId = resourcePermission.getRoleId();
229
230 Role toRole = roleLocalService.getRole(toRoleId);
231
232 List<String> actionIds = null;
233
234 if (toRole.getType() == RoleConstants.TYPE_REGULAR) {
235 actionIds = ResourceActionsUtil.getModelResourceActions(name);
236 }
237 else {
238 actionIds =
239 ResourceActionsUtil.getModelResourceCommunityDefaultActions(
240 name);
241 }
242
243 setResourcePermissions(
244 companyId, name, scope, primKey, toRoleId,
245 actionIds.toArray(new String[actionIds.size()]));
246
247 resourcePermissionPersistence.remove(resourcePermissionId);
248
249 List<ResourcePermission> resourcePermissions =
250 getRoleResourcePermissions(fromRoleId);
251
252 if (resourcePermissions.isEmpty()) {
253 roleLocalService.deleteRole(fromRoleId);
254 }
255 }
256
257 public void removeResourcePermission(
258 long companyId, String name, int scope, String primKey, long roleId,
259 String actionId)
260 throws PortalException, SystemException {
261
262 updateResourcePermission(
263 companyId, name, scope, primKey, roleId, new String[] {actionId},
264 ResourcePermissionConstants.OPERATOR_REMOVE);
265
266 PermissionCacheUtil.clearCache();
267 }
268
269 public void removeResourcePermissions(
270 long companyId, String name, int scope, long roleId,
271 String actionId)
272 throws PortalException, SystemException {
273
274 List<ResourcePermission> resourcePermissions =
275 resourcePermissionPersistence.findByC_N_S(companyId, name, scope);
276
277 for (ResourcePermission resourcePermission : resourcePermissions) {
278 updateResourcePermission(
279 companyId, name, scope, resourcePermission.getPrimKey(), roleId,
280 new String[] {actionId},
281 ResourcePermissionConstants.OPERATOR_REMOVE);
282 }
283
284 PermissionCacheUtil.clearCache();
285 }
286
287 public void setResourcePermissions(
288 long companyId, String name, int scope, String primKey, long roleId,
289 String[] actionIds)
290 throws PortalException, SystemException {
291
292 updateResourcePermission(
293 companyId, name, scope, primKey, roleId, actionIds,
294 ResourcePermissionConstants.OPERATOR_SET);
295 }
296
297 protected void updateResourcePermission(
298 long companyId, String name, int scope, String primKey, long roleId,
299 String[] actionIds, int operator)
300 throws PortalException, SystemException {
301
302 ResourcePermission resourcePermission =
303 resourcePermissionPersistence.fetchByC_N_S_P_R(
304 companyId, name, scope, primKey, roleId);
305
306 if (resourcePermission == null) {
307 if (operator == ResourcePermissionConstants.OPERATOR_REMOVE) {
308 return;
309 }
310
311 long resourcePermissionId = counterLocalService.increment(
312 ResourcePermission.class.getName());
313
314 resourcePermission = resourcePermissionPersistence.create(
315 resourcePermissionId);
316
317 resourcePermission.setCompanyId(companyId);
318 resourcePermission.setName(name);
319 resourcePermission.setScope(scope);
320 resourcePermission.setPrimKey(primKey);
321 resourcePermission.setRoleId(roleId);
322 }
323
324 long actionIdsLong = resourcePermission.getActionIds();
325
326 if (operator == ResourcePermissionConstants.OPERATOR_SET) {
327 actionIdsLong = 0;
328 }
329
330 for (String actionId : actionIds) {
331 ResourceAction resourceAction =
332 resourceActionLocalService.getResourceAction(name, actionId);
333
334 if ((operator == ResourcePermissionConstants.OPERATOR_ADD) ||
335 (operator == ResourcePermissionConstants.OPERATOR_SET)) {
336
337 actionIdsLong |= resourceAction.getBitwiseValue();
338 }
339 else {
340 actionIdsLong =
341 actionIdsLong & (~resourceAction.getBitwiseValue());
342 }
343 }
344
345 resourcePermission.setActionIds(actionIdsLong);
346
347 resourcePermissionPersistence.update(resourcePermission, false);
348
349 PermissionCacheUtil.clearCache();
350
351 SearchEngineUtil.updatePermissionFields(name, primKey);
352 }
353
354 }