1
22
23 package com.liferay.portlet.portletconfiguration.action;
24
25 import com.liferay.portal.kernel.servlet.SessionErrors;
26 import com.liferay.portal.kernel.servlet.SessionMessages;
27 import com.liferay.portal.kernel.util.Constants;
28 import com.liferay.portal.kernel.util.GetterUtil;
29 import com.liferay.portal.kernel.util.ParamUtil;
30 import com.liferay.portal.kernel.util.StringUtil;
31 import com.liferay.portal.kernel.util.Validator;
32 import com.liferay.portal.model.Group;
33 import com.liferay.portal.model.Layout;
34 import com.liferay.portal.model.Organization;
35 import com.liferay.portal.model.Portlet;
36 import com.liferay.portal.model.PortletConstants;
37 import com.liferay.portal.model.Resource;
38 import com.liferay.portal.model.Role;
39 import com.liferay.portal.model.UserGroup;
40 import com.liferay.portal.security.auth.PrincipalException;
41 import com.liferay.portal.security.permission.ResourceActionsUtil;
42 import com.liferay.portal.service.LayoutLocalServiceUtil;
43 import com.liferay.portal.service.PermissionServiceUtil;
44 import com.liferay.portal.service.PortletLocalServiceUtil;
45 import com.liferay.portal.service.ResourceLocalServiceUtil;
46 import com.liferay.portal.service.ResourcePermissionServiceUtil;
47 import com.liferay.portal.servlet.filters.cache.CacheUtil;
48 import com.liferay.portal.theme.ThemeDisplay;
49 import com.liferay.portal.util.PropsValues;
50 import com.liferay.portal.util.WebKeys;
51
52 import java.util.ArrayList;
53 import java.util.Enumeration;
54 import java.util.List;
55
56 import javax.portlet.ActionRequest;
57 import javax.portlet.ActionResponse;
58 import javax.portlet.PortletConfig;
59 import javax.portlet.RenderRequest;
60 import javax.portlet.RenderResponse;
61
62 import org.apache.struts.action.ActionForm;
63 import org.apache.struts.action.ActionForward;
64 import org.apache.struts.action.ActionMapping;
65
66
72 public class EditPermissionsAction extends EditConfigurationAction {
73
74 public void processAction(
75 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
76 ActionRequest actionRequest, ActionResponse actionResponse)
77 throws Exception {
78
79 String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
80
81 try {
82 if (cmd.equals("group_permissions")) {
83 updateGroupPermissions(actionRequest);
84 }
85 else if (cmd.equals("guest_permissions")) {
86 updateGuestPermissions(actionRequest);
87 }
88 else if (cmd.equals("organization_permissions")) {
89 updateOrganizationPermissions(actionRequest);
90 }
91 else if (cmd.equals("role_permissions")) {
92 updateRolePermissions(actionRequest);
93 }
94 else if (cmd.equals("user_group_permissions")) {
95 updateUserGroupPermissions(actionRequest);
96 }
97 else if (cmd.equals("user_permissions")) {
98 updateUserPermissions(actionRequest);
99 }
100
101 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 5) {
102 String redirect = ParamUtil.getString(
103 actionRequest, "permissionsRedirect");
104
105 sendRedirect(actionRequest, actionResponse, redirect);
106 }
107 else {
108 SessionMessages.add(actionRequest, "request_processed");
109 }
110 }
111 catch (Exception e) {
112 if (e instanceof PrincipalException) {
113 SessionErrors.add(actionRequest, e.getClass().getName());
114
115 setForward(
116 actionRequest, "portlet.portlet_configuration.error");
117 }
118 else {
119 throw e;
120 }
121 }
122 }
123
124 public ActionForward render(
125 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
126 RenderRequest renderRequest, RenderResponse renderResponse)
127 throws Exception {
128
129 ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
130 WebKeys.THEME_DISPLAY);
131
132 long groupId = themeDisplay.getScopeGroupId();
133
134 String portletResource = ParamUtil.getString(
135 renderRequest, "portletResource");
136 String modelResource = ParamUtil.getString(
137 renderRequest, "modelResource");
138 String resourcePrimKey = ParamUtil.getString(
139 renderRequest, "resourcePrimKey");
140
141 String selResource = portletResource;
142
143 if (Validator.isNotNull(modelResource)) {
144 selResource = modelResource;
145 }
146
147 try {
148 PermissionServiceUtil.checkPermission(
149 groupId, selResource, resourcePrimKey);
150 }
151 catch (PrincipalException pe) {
152 SessionErrors.add(
153 renderRequest, PrincipalException.class.getName());
154
155 setForward(renderRequest, "portlet.portlet_configuration.error");
156 }
157
158 Portlet portlet = PortletLocalServiceUtil.getPortletById(
159 themeDisplay.getCompanyId(), portletResource);
160
161 if (portlet != null) {
162 renderResponse.setTitle(getTitle(portlet, renderRequest));
163 }
164
165 return mapping.findForward(getForward(
166 renderRequest, "portlet.portlet_configuration.edit_permissions"));
167 }
168
169 protected String[] getActionIds(ActionRequest actionRequest, long roleId) {
170 List<String> actionIds = new ArrayList<String>();
171
172 Enumeration<String> enu = actionRequest.getParameterNames();
173
174 while (enu.hasMoreElements()) {
175 String name = enu.nextElement();
176
177 if (name.startsWith(roleId + "_ACTION_")) {
178 int pos = name.indexOf("_ACTION_");
179
180 String actionId = name.substring(pos + 8);
181
182 actionIds.add(actionId);
183 }
184 }
185
186 return actionIds.toArray(new String[actionIds.size()]);
187 }
188
189 protected void updateGroupPermissions(ActionRequest actionRequest)
190 throws Exception {
191
192 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
193
194 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
195 long groupId = ParamUtil.getLong(actionRequest, "groupId");
196 String[] actionIds = StringUtil.split(
197 ParamUtil.getString(actionRequest, "groupIdActionIds"));
198
199 PermissionServiceUtil.setGroupPermissions(
200 groupId, actionIds, resourceId);
201
202 if (!layout.isPrivateLayout()) {
203 Resource resource =
204 ResourceLocalServiceUtil.getResource(resourceId);
205
206 if (resource.getPrimKey().startsWith(
207 layout.getPlid() + PortletConstants.LAYOUT_SEPARATOR)) {
208
209 CacheUtil.clearCache(layout.getCompanyId());
210 }
211 }
212 }
213
214 protected void updateGuestPermissions(ActionRequest actionRequest)
215 throws Exception {
216
217 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
218 WebKeys.THEME_DISPLAY);
219
220 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
221 String[] actionIds = StringUtil.split(
222 ParamUtil.getString(actionRequest, "guestActionIds"));
223
224 PermissionServiceUtil.setUserPermissions(
225 themeDisplay.getDefaultUserId(), themeDisplay.getScopeGroupId(),
226 actionIds, resourceId);
227 }
228
229 protected void updateOrganizationPermissions(ActionRequest actionRequest)
230 throws Exception {
231
232 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
233
234 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
235 long organizationId = ParamUtil.getLong(
236 actionRequest, "organizationIdsPosValue");
237 String[] actionIds = StringUtil.split(
238 ParamUtil.getString(actionRequest, "organizationIdActionIds"));
239
242 PermissionServiceUtil.setGroupPermissions(
244 Organization.class.getName(), String.valueOf(organizationId),
245 layout.getGroupId(), actionIds, resourceId);
246
251 }
252
253 protected void updateRolePermissions(ActionRequest actionRequest)
254 throws Exception {
255
256 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
257 updateRolePermissions_5(actionRequest);
258 }
259 else if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
260 updateRolePermissions_6(actionRequest);
261 }
262 else {
263 updateRolePermissions_1to4(actionRequest);
264 }
265 }
266
267 protected void updateRolePermissions_1to4(ActionRequest actionRequest)
268 throws Exception {
269
270 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
271 WebKeys.THEME_DISPLAY);
272
273 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
274 long roleId = ParamUtil.getLong(actionRequest, "roleIdsPosValue");
275 String[] actionIds = StringUtil.split(
276 ParamUtil.getString(actionRequest, "roleIdActionIds"));
277
278 PermissionServiceUtil.setRolePermissions(
279 roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
280 }
281
282 protected void updateRolePermissions_5(ActionRequest actionRequest)
283 throws Exception {
284
285 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
286 WebKeys.THEME_DISPLAY);
287
288 String modelResource = ParamUtil.getString(
289 actionRequest, "modelResource");
290 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
291 long resourcePrimKey = ParamUtil.getLong(
292 actionRequest, "resourcePrimKey");
293
294 Group group = themeDisplay.getScopeGroup();
295
296 if (modelResource.equals(Layout.class.getName())) {
297 Layout layout = LayoutLocalServiceUtil.getLayout(
298 resourcePrimKey);
299
300 group = layout.getGroup();
301 }
302
303 List<Role> roles = ResourceActionsUtil.getRoles(group, modelResource);
304
305 for (Role role : roles) {
306 String[] actionIds = getActionIds(actionRequest, role.getRoleId());
307
308 PermissionServiceUtil.setRolePermissions(
309 role.getRoleId(), themeDisplay.getScopeGroupId(), actionIds,
310 resourceId);
311 }
312 }
313
314 protected void updateRolePermissions_6(ActionRequest actionRequest)
315 throws Exception {
316
317 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
318 WebKeys.THEME_DISPLAY);
319
320 String portletResource = ParamUtil.getString(
321 actionRequest, "portletResource");
322 String modelResource = ParamUtil.getString(
323 actionRequest, "modelResource");
324
325 String selResource = portletResource;
326
327 if (Validator.isNotNull(modelResource)) {
328 selResource = modelResource;
329 }
330
331 String resourcePrimKey = ParamUtil.getString(
332 actionRequest, "resourcePrimKey");
333
334 Group group = themeDisplay.getScopeGroup();
335
336 if (modelResource.equals(Layout.class.getName())) {
337 long plid = GetterUtil.getLong(resourcePrimKey);
338
339 Layout layout = LayoutLocalServiceUtil.getLayout(plid);
340
341 group = layout.getGroup();
342 }
343
344 List<Role> roles = ResourceActionsUtil.getRoles(group, modelResource);
345
346 for (Role role : roles) {
347 String[] actionIds = getActionIds(actionRequest, role.getRoleId());
348
349 ResourcePermissionServiceUtil.setIndividualResourcePermissions(
350 themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(),
351 selResource, resourcePrimKey, role.getRoleId(), actionIds);
352 }
353 }
354
355 protected void updateUserGroupPermissions(ActionRequest actionRequest)
356 throws Exception {
357
358 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
359
360 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
361 long userGroupId = ParamUtil.getLong(
362 actionRequest, "userGroupIdsPosValue");
363 String[] actionIds = StringUtil.split(
364 ParamUtil.getString(actionRequest, "userGroupIdActionIds"));
365
366 PermissionServiceUtil.setGroupPermissions(
367 UserGroup.class.getName(), String.valueOf(userGroupId),
368 layout.getGroupId(), actionIds, resourceId);
369 }
370
371 protected void updateUserPermissions(ActionRequest actionRequest)
372 throws Exception {
373
374 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
375 WebKeys.THEME_DISPLAY);
376
377 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
378 long userId = ParamUtil.getLong(actionRequest, "userIdsPosValue");
379 String[] actionIds = StringUtil.split(
380 ParamUtil.getString(actionRequest, "userIdActionIds"));
381
382 PermissionServiceUtil.setUserPermissions(
383 userId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
384 }
385
386 }