001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portlet.iframe.util;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.kernel.log.Log;
020    import com.liferay.portal.kernel.log.LogFactoryUtil;
021    import com.liferay.portal.kernel.util.StringPool;
022    import com.liferay.portal.kernel.util.Validator;
023    import com.liferay.portal.model.Layout;
024    import com.liferay.portal.model.Role;
025    import com.liferay.portal.model.User;
026    import com.liferay.portal.service.RoleLocalServiceUtil;
027    import com.liferay.portal.service.UserLocalServiceUtil;
028    import com.liferay.portal.theme.ThemeDisplay;
029    import com.liferay.portal.util.PortalUtil;
030    import com.liferay.portal.util.PropsValues;
031    import com.liferay.portal.util.WebKeys;
032    
033    import javax.portlet.PortletRequest;
034    
035    /**
036     * @author Amos Fong
037     */
038    public class IFrameUtil {
039    
040            public static String getPassword(
041                            PortletRequest portletRequest, String password)
042                    throws PortalException, SystemException {
043    
044                    if (Validator.isNotNull(password) && password.equals("@password@")) {
045                            if (isPasswordTokenResolutionEnabled(portletRequest)) {
046                                    password = PortalUtil.getUserPassword(portletRequest);
047                            }
048                    }
049    
050                    if (password == null) {
051                            password = StringPool.BLANK;
052                    }
053    
054                    return password;
055            }
056    
057            public static String getUserName(
058                            PortletRequest portletRequest, String userName)
059                    throws PortalException, SystemException {
060    
061                    User user = PortalUtil.getUser(portletRequest);
062    
063                    if (user == null) {
064                            return userName;
065                    }
066    
067                    if (Validator.isNull(userName) || userName.equals("@user_id@")) {
068                            userName = portletRequest.getRemoteUser();
069                    }
070                    else if (userName.equals("@email_address@")) {
071                            userName = user.getEmailAddress();
072                    }
073                    else if (userName.equals("@screen_name@")) {
074                            userName = user.getScreenName();
075                    }
076    
077                    return userName;
078            }
079    
080            public static boolean isPasswordTokenEnabled(PortletRequest portletRequest)
081                    throws PortalException, SystemException {
082    
083                    if (!PropsValues.SESSION_STORE_PASSWORD) {
084                            return false;
085                    }
086    
087                    ThemeDisplay themeDisplay = (ThemeDisplay)portletRequest.getAttribute(
088                            WebKeys.THEME_DISPLAY);
089    
090                    Layout layout = themeDisplay.getLayout();
091    
092                    String roleName = PropsValues.IFRAME_PASSWORD_PASSWORD_TOKEN_ROLE;
093    
094                    if (layout.isPrivateLayout() && layout.getGroup().isUser() &&
095                            (themeDisplay.getRealUserId() == layout.getGroup().getClassPK())) {
096    
097                            return true;
098                    }
099    
100                    if (Validator.isNull(roleName)) {
101                            return false;
102                    }
103    
104                    try {
105                            Role role = RoleLocalServiceUtil.getRole(
106                                    themeDisplay.getCompanyId(), roleName);
107    
108                            if (UserLocalServiceUtil.hasRoleUser(
109                                            role.getRoleId(), themeDisplay.getUserId())) {
110    
111                                    return true;
112                            }
113                    }
114                    catch (Exception e) {
115                            if (_log.isWarnEnabled()) {
116                                    _log.warn(
117                                            "Error getting role " + roleName + ". The password token " +
118                                                    "will be disabled.");
119                            }
120                    }
121    
122                    return false;
123            }
124    
125            public static boolean isPasswordTokenResolutionEnabled(
126                            PortletRequest portletRequest)
127                    throws PortalException, SystemException {
128    
129                    if (!PropsValues.SESSION_STORE_PASSWORD) {
130                            return false;
131                    }
132    
133                    ThemeDisplay themeDisplay = (ThemeDisplay)portletRequest.getAttribute(
134                            WebKeys.THEME_DISPLAY);
135    
136                    Layout layout = themeDisplay.getLayout();
137    
138                    if (layout.isPrivateLayout() && layout.getGroup().isUser() &&
139                            (themeDisplay.getRealUserId() != layout.getGroup().getClassPK())) {
140    
141                            return false;
142                    }
143    
144                    return true;
145            }
146    
147            private static Log _log = LogFactoryUtil.getLog(IFrameUtil.class);
148    
149    }