1
22
23 package com.liferay.portal.service.permission;
24
25 import com.liferay.portal.PortalException;
26 import com.liferay.portal.SystemException;
27 import com.liferay.portal.kernel.log.Log;
28 import com.liferay.portal.kernel.log.LogFactoryUtil;
29 import com.liferay.portal.model.Group;
30 import com.liferay.portal.model.GroupConstants;
31 import com.liferay.portal.model.Layout;
32 import com.liferay.portal.model.Portlet;
33 import com.liferay.portal.model.PortletConstants;
34 import com.liferay.portal.security.auth.PrincipalException;
35 import com.liferay.portal.security.permission.ActionKeys;
36 import com.liferay.portal.security.permission.PermissionChecker;
37 import com.liferay.portal.security.permission.ResourceActionsUtil;
38 import com.liferay.portal.service.GroupLocalServiceUtil;
39 import com.liferay.portal.service.LayoutLocalServiceUtil;
40 import com.liferay.portal.util.PropsValues;
41
42 import java.util.List;
43
44
49 public class PortletPermissionImpl implements PortletPermission {
50
51 public static final boolean DEFAULT_STRICT = false;
52
53 public void check(
54 PermissionChecker permissionChecker, String portletId,
55 String actionId)
56 throws PortalException, SystemException {
57
58 if (!contains(permissionChecker, portletId, actionId)) {
59 throw new PrincipalException();
60 }
61 }
62
63 public void check(
64 PermissionChecker permissionChecker, long plid, String portletId,
65 String actionId)
66 throws PortalException, SystemException {
67
68 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
69 }
70
71 public void check(
72 PermissionChecker permissionChecker, long plid, String portletId,
73 String actionId, boolean strict)
74 throws PortalException, SystemException {
75
76 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
77 throw new PrincipalException();
78 }
79 }
80
81 public boolean contains(
82 PermissionChecker permissionChecker, String portletId,
83 String actionId)
84 throws PortalException, SystemException {
85
86 return contains(permissionChecker, 0, portletId, actionId);
87 }
88
89 public boolean contains(
90 PermissionChecker permissionChecker, long plid, String portletId,
91 String actionId)
92 throws PortalException, SystemException {
93
94 return contains(
95 permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
96 }
97
98 public boolean contains(
99 PermissionChecker permissionChecker, long plid, String portletId,
100 String actionId, boolean strict)
101 throws PortalException, SystemException {
102
103 long groupId = 0;
104 String name = null;
105 String primKey = null;
106
107 if (plid > 0) {
108 Layout layout = LayoutLocalServiceUtil.getLayout(plid);
109
110 groupId = layout.getGroupId();
111 name = PortletConstants.getRootPortletId(portletId);
112 primKey = getPrimaryKey(plid, portletId);
113
114 if ((layout.isPrivateLayout() &&
115 !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
116 (layout.isPublicLayout() &&
117 !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
118
119 if (actionId.equals(ActionKeys.CONFIGURATION)) {
120 Group group = GroupLocalServiceUtil.getGroup(
121 layout.getGroupId());
122
123 if (group.isUser()) {
124 return false;
125 }
126 }
127 }
128
129 if (actionId.equals(ActionKeys.VIEW)) {
130 Group group = GroupLocalServiceUtil.getGroup(
131 layout.getGroupId());
132
133 if (group.getName().equals(GroupConstants.CONTROL_PANEL)) {
134 return true;
135 }
136 }
137
138 if (!strict) {
139 if (LayoutPermissionUtil.contains(
140 permissionChecker, groupId, layout.isPrivateLayout(),
141 layout.getLayoutId(), ActionKeys.UPDATE) &&
142 hasLayoutManagerPermission(portletId, actionId)) {
143
144 return true;
145 }
146 }
147 }
148 else {
149 name = portletId;
150 primKey = portletId;
151 }
152
153 return permissionChecker.hasPermission(
154 groupId, name, primKey, actionId);
155 }
156
157 public boolean contains(
158 PermissionChecker permissionChecker, long plid, Portlet portlet,
159 String actionId)
160 throws PortalException, SystemException {
161
162 return contains(
163 permissionChecker, plid, portlet, actionId, DEFAULT_STRICT);
164 }
165
166 public boolean contains(
167 PermissionChecker permissionChecker, long plid, Portlet portlet,
168 String actionId, boolean strict)
169 throws PortalException, SystemException {
170
171 boolean value = contains(
172 permissionChecker, plid, portlet.getPortletId(), actionId, strict);
173
174 if (value) {
175 return true;
176 }
177 else {
178 if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
179 return true;
180 }
181 else {
182 return false;
183 }
184 }
185 }
186
187 public String getPrimaryKey(long plid, String portletId) {
188 StringBuilder sb = new StringBuilder();
189
190 sb.append(plid);
191 sb.append(PortletConstants.LAYOUT_SEPARATOR);
192 sb.append(portletId);
193
194 return sb.toString();
195 }
196
197 public boolean hasLayoutManagerPermission(
198 String portletId, String actionId) {
199
200 try {
201 return hasLayoutManagerPermissionImpl(portletId, actionId);
202 }
203 catch (Exception e) {
204 _log.error(e, e);
205
206 return false;
207 }
208 }
209
210 protected boolean hasLayoutManagerPermissionImpl(
211 String portletId, String actionId) {
212
213 portletId = PortletConstants.getRootPortletId(portletId);
214
215 List<String> layoutManagerActions =
216 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
217 portletId);
218
219 return layoutManagerActions.contains(actionId);
220 }
221
222 private static Log _log =
223 LogFactoryUtil.getLog(PortletPermissionImpl.class);
224
225 }