001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portal.security.permission;
016    
017    import com.liferay.portal.NoSuchResourceActionException;
018    import com.liferay.portal.ResourceActionsException;
019    import com.liferay.portal.kernel.bean.BeanReference;
020    import com.liferay.portal.kernel.exception.SystemException;
021    import com.liferay.portal.kernel.language.LanguageUtil;
022    import com.liferay.portal.kernel.log.Log;
023    import com.liferay.portal.kernel.log.LogFactoryUtil;
024    import com.liferay.portal.kernel.security.pacl.DoPrivileged;
025    import com.liferay.portal.kernel.util.CharPool;
026    import com.liferay.portal.kernel.util.ContentTypes;
027    import com.liferay.portal.kernel.util.GetterUtil;
028    import com.liferay.portal.kernel.util.ListUtil;
029    import com.liferay.portal.kernel.util.StringPool;
030    import com.liferay.portal.kernel.util.StringUtil;
031    import com.liferay.portal.kernel.util.UniqueList;
032    import com.liferay.portal.kernel.util.UnmodifiableList;
033    import com.liferay.portal.kernel.util.Validator;
034    import com.liferay.portal.kernel.xml.Document;
035    import com.liferay.portal.kernel.xml.DocumentType;
036    import com.liferay.portal.kernel.xml.Element;
037    import com.liferay.portal.kernel.xml.UnsecureSAXReaderUtil;
038    import com.liferay.portal.model.Group;
039    import com.liferay.portal.model.LayoutPrototype;
040    import com.liferay.portal.model.LayoutSetPrototype;
041    import com.liferay.portal.model.Organization;
042    import com.liferay.portal.model.PasswordPolicy;
043    import com.liferay.portal.model.Portlet;
044    import com.liferay.portal.model.PortletConstants;
045    import com.liferay.portal.model.ResourceAction;
046    import com.liferay.portal.model.Role;
047    import com.liferay.portal.model.RoleConstants;
048    import com.liferay.portal.model.User;
049    import com.liferay.portal.model.UserGroup;
050    import com.liferay.portal.service.GroupServiceUtil;
051    import com.liferay.portal.service.PortletLocalService;
052    import com.liferay.portal.service.ResourceActionLocalService;
053    import com.liferay.portal.service.RoleLocalService;
054    import com.liferay.portal.util.PortletKeys;
055    import com.liferay.portal.util.PropsValues;
056    import com.liferay.portlet.PortletResourceBundles;
057    import com.liferay.portlet.expando.model.ExpandoColumn;
058    import com.liferay.portlet.mobiledevicerules.model.MDRRuleGroup;
059    import com.liferay.util.JS;
060    
061    import java.io.InputStream;
062    
063    import java.util.ArrayList;
064    import java.util.Collections;
065    import java.util.HashMap;
066    import java.util.HashSet;
067    import java.util.Iterator;
068    import java.util.List;
069    import java.util.Locale;
070    import java.util.Map;
071    import java.util.Set;
072    
073    import javax.servlet.jsp.PageContext;
074    
075    /**
076     * @author Brian Wing Shun Chan
077     * @author Daeyoung Song
078     * @author Raymond Aug??
079     */
080    @DoPrivileged
081    public class ResourceActionsImpl implements ResourceActions {
082    
083            public void afterPropertiesSet() {
084                    _organizationModelResources = new HashSet<String>();
085    
086                    for (String resource : getOrganizationModelResources()) {
087                            _organizationModelResources.add(resource);
088                    }
089    
090                    _portalModelResources = new HashSet<String>();
091    
092                    for (String resource : getPortalModelResources()) {
093                            _portalModelResources.add(resource);
094                    }
095    
096                    _portletModelResources = new HashMap<String, Set<String>>();
097                    _portletResourceActions = new HashMap<String, List<String>>();
098                    _portletResourceGroupDefaultActions =
099                            new HashMap<String, List<String>>();
100                    _portletResourceGuestDefaultActions =
101                            new HashMap<String, List<String>>();
102                    _portletResourceGuestUnsupportedActions =
103                            new HashMap<String, List<String>>();
104                    _portletResourceLayoutManagerActions =
105                            new HashMap<String, List<String>>();
106                    _portletRootModelResource = new HashMap<String, String>();
107                    _modelPortletResources = new HashMap<String, Set<String>>();
108                    _modelResourceActions = new HashMap<String, List<String>>();
109                    _modelResourceGroupDefaultActions = new HashMap<String, List<String>>();
110                    _modelResourceGuestDefaultActions = new HashMap<String, List<String>>();
111                    _modelResourceGuestUnsupportedActions =
112                            new HashMap<String, List<String>>();
113                    _modelResourceOwnerDefaultActions = new HashMap<String, List<String>>();
114                    _modelResourceWeights = new HashMap<String, Double>();
115    
116                    try {
117                            ClassLoader classLoader = getClass().getClassLoader();
118    
119                            for (String config : PropsValues.RESOURCE_ACTIONS_CONFIGS) {
120                                    read(null, classLoader, config);
121                            }
122                    }
123                    catch (Exception e) {
124                            _log.error(e, e);
125                    }
126            }
127    
128            @Override
129            public void checkAction(String name, String actionId)
130                    throws NoSuchResourceActionException {
131    
132                    List<String> resourceActions = getResourceActions(name);
133    
134                    if (!resourceActions.contains(actionId)) {
135                            throw new NoSuchResourceActionException(
136                                    name.concat(StringPool.POUND).concat(actionId));
137                    }
138            }
139    
140            @Override
141            public String getAction(Locale locale, String action) {
142                    String key = getActionNamePrefix() + action;
143    
144                    String value = LanguageUtil.get(locale, key, null);
145    
146                    if ((value == null) || value.equals(key)) {
147                            value = PortletResourceBundles.getString(locale, key);
148                    }
149    
150                    if (value == null) {
151                            value = key;
152                    }
153    
154                    return value;
155            }
156    
157            @Override
158            public String getAction(PageContext pageContext, String action) {
159                    String key = getActionNamePrefix() + action;
160    
161                    String value = LanguageUtil.get(pageContext, key, null);
162    
163                    if ((value == null) || value.equals(key)) {
164                            value = PortletResourceBundles.getString(pageContext, key);
165                    }
166    
167                    if (value == null) {
168                            value = key;
169                    }
170    
171                    return value;
172            }
173    
174            @Override
175            public String getActionNamePrefix() {
176                    return _ACTION_NAME_PREFIX;
177            }
178    
179            @Override
180            public List<String> getActionsNames(
181                    PageContext pageContext, List<String> actions) {
182    
183                    List<String> actionNames = new UniqueList<String>();
184    
185                    for (String action : actions) {
186                            actionNames.add(getAction(pageContext, action));
187                    }
188    
189                    return actionNames;
190            }
191    
192            @Override
193            public List<String> getActionsNames(
194                    PageContext pageContext, String name, long actionIds) {
195    
196                    try {
197                            List<ResourceAction> resourceActions =
198                                    resourceActionLocalService.getResourceActions(name);
199    
200                            List<String> actions = new ArrayList<String>();
201    
202                            for (ResourceAction resourceAction : resourceActions) {
203                                    long bitwiseValue = resourceAction.getBitwiseValue();
204    
205                                    if ((actionIds & bitwiseValue) == bitwiseValue) {
206                                            actions.add(resourceAction.getActionId());
207                                    }
208                            }
209    
210                            return getActionsNames(pageContext, actions);
211                    }
212                    catch (Exception e) {
213                            _log.error(e, e);
214    
215                            return Collections.emptyList();
216                    }
217            }
218    
219            @Override
220            public List<String> getModelNames() {
221                    return ListUtil.fromMapKeys(_modelPortletResources);
222            }
223    
224            @Override
225            public List<String> getModelPortletResources(String name) {
226                    Set<String> resources = _modelPortletResources.get(name);
227    
228                    if (resources == null) {
229                            return new UniqueList<String>();
230                    }
231                    else {
232                            return Collections.list(Collections.enumeration(resources));
233                    }
234            }
235    
236            @Override
237            public String getModelResource(Locale locale, String name) {
238                    String key = getModelResourceNamePrefix() + name;
239    
240                    String value = LanguageUtil.get(locale, key, null);
241    
242                    if ((value == null) || value.equals(key)) {
243                            value = PortletResourceBundles.getString(locale, key);
244                    }
245    
246                    if (value == null) {
247                            value = key;
248                    }
249    
250                    return value;
251            }
252    
253            @Override
254            public String getModelResource(PageContext pageContext, String name) {
255                    String key = getModelResourceNamePrefix() + name;
256    
257                    String value = LanguageUtil.get(pageContext, key, null);
258    
259                    if ((value == null) || value.equals(key)) {
260                            value = PortletResourceBundles.getString(pageContext, key);
261                    }
262    
263                    if (value == null) {
264                            value = key;
265                    }
266    
267                    return value;
268            }
269    
270            @Override
271            public List<String> getModelResourceActions(String name) {
272                    return getActions(_modelResourceActions, name);
273            }
274    
275            @Override
276            public List<String> getModelResourceGroupDefaultActions(String name) {
277                    return getActions(_modelResourceGroupDefaultActions, name);
278            }
279    
280            @Override
281            public List<String> getModelResourceGuestDefaultActions(String name) {
282                    return getActions(_modelResourceGuestDefaultActions, name);
283            }
284    
285            @Override
286            public List<String> getModelResourceGuestUnsupportedActions(String name) {
287                    return getActions(_modelResourceGuestUnsupportedActions, name);
288            }
289    
290            @Override
291            public String getModelResourceNamePrefix() {
292                    return _MODEL_RESOURCE_NAME_PREFIX;
293            }
294    
295            @Override
296            public List<String> getModelResourceOwnerDefaultActions(String name) {
297                    return getActions(_modelResourceOwnerDefaultActions, name);
298            }
299    
300            @Override
301            public Double getModelResourceWeight(String name) {
302                    return _modelResourceWeights.get(name);
303            }
304    
305            @Override
306            public String[] getOrganizationModelResources() {
307                    return _ORGANIZATION_MODEL_RESOURCES;
308            }
309    
310            @Override
311            public String[] getPortalModelResources() {
312                    return _PORTAL_MODEL_RESOURCES;
313            }
314    
315            @Override
316            public String getPortletBaseResource(String portletName) {
317                    List<String> modelNames = getPortletModelResources(portletName);
318    
319                    for (String modelName : modelNames) {
320                            if (!modelName.contains(".model.")) {
321                                    return modelName;
322                            }
323                    }
324    
325                    return null;
326            }
327    
328            @Override
329            public List<String> getPortletModelResources(String portletName) {
330                    portletName = PortletConstants.getRootPortletId(portletName);
331    
332                    Set<String> resources = _portletModelResources.get(portletName);
333    
334                    if (resources == null) {
335                            return new UniqueList<String>();
336                    }
337                    else {
338                            return Collections.list(Collections.enumeration(resources));
339                    }
340            }
341    
342            @Override
343            public List<String> getPortletNames() {
344                    return ListUtil.fromMapKeys(_portletModelResources);
345            }
346    
347            @Override
348            public List<String> getPortletResourceActions(Portlet portlet) {
349                    List<String> actions = ListUtil.copy(
350                            getPortletResourceActions(portlet.getPortletId()));
351    
352                    synchronized (this) {
353                            checkPortletActions(portlet, actions);
354    
355                            setActions(
356                                    _portletResourceActions, portlet.getPortletId(), actions);
357                    }
358    
359                    return actions;
360            }
361    
362            @Override
363            public List<String> getPortletResourceActions(String name) {
364                    name = PortletConstants.getRootPortletId(name);
365    
366                    List<String> actions = getActions(_portletResourceActions, name);
367    
368                    if (!actions.isEmpty()) {
369                            return actions;
370                    }
371    
372                    synchronized (this) {
373                            actions = getPortletMimeTypeActions(name);
374    
375                            if (!name.equals(PortletKeys.PORTAL)) {
376                                    checkPortletActions(name, actions);
377                            }
378    
379                            List<String> groupDefaultActions =
380                                    _portletResourceGroupDefaultActions.get(name);
381    
382                            if (groupDefaultActions == null) {
383                                    groupDefaultActions = new UniqueList<String>();
384    
385                                    checkPortletGroupDefaultActions(groupDefaultActions);
386    
387                                    _portletResourceGroupDefaultActions.put(
388                                            name, new UnmodifiableList<String>(groupDefaultActions));
389                            }
390    
391                            List<String> guestDefaultActions =
392                                    _portletResourceGuestDefaultActions.get(name);
393    
394                            if (guestDefaultActions == null) {
395                                    guestDefaultActions = new UniqueList<String>();
396    
397                                    checkPortletGuestDefaultActions(guestDefaultActions);
398    
399                                    _portletResourceGuestDefaultActions.put(
400                                            name, new UnmodifiableList<String>(guestDefaultActions));
401                            }
402    
403                            List<String> layoutManagerActions =
404                                    _portletResourceLayoutManagerActions.get(name);
405    
406                            if (layoutManagerActions == null) {
407                                    layoutManagerActions = new UniqueList<String>();
408    
409                                    checkPortletLayoutManagerActions(layoutManagerActions);
410    
411                                    _portletResourceLayoutManagerActions.put(
412                                            name, new UnmodifiableList<String>(layoutManagerActions));
413                            }
414    
415                            actions = setActions(_portletResourceActions, name, actions);
416                    }
417    
418                    return actions;
419            }
420    
421            @Override
422            public List<String> getPortletResourceGroupDefaultActions(String name) {
423    
424                    // This method should always be called only after
425                    // _getPortletResourceActions has been called at least once to populate
426                    // the default group actions. Check to make sure this is the case.
427                    // However, if it is not, that means the methods
428                    // getPortletResourceGuestDefaultActions and
429                    // getPortletResourceGuestDefaultActions may not work either.
430    
431                    name = PortletConstants.getRootPortletId(name);
432    
433                    return getActions(_portletResourceGroupDefaultActions, name);
434            }
435    
436            @Override
437            public List<String> getPortletResourceGuestDefaultActions(String name) {
438                    name = PortletConstants.getRootPortletId(name);
439    
440                    return getActions(_portletResourceGuestDefaultActions, name);
441            }
442    
443            @Override
444            public List<String> getPortletResourceGuestUnsupportedActions(String name) {
445                    name = PortletConstants.getRootPortletId(name);
446    
447                    List<String> actions = getActions(
448                            _portletResourceGuestUnsupportedActions, name);
449    
450                    if (actions.contains(ActionKeys.CONFIGURATION) &&
451                            actions.contains(ActionKeys.PERMISSIONS)) {
452    
453                            return actions;
454                    }
455    
456                    actions = new UniqueList<String>(actions);
457    
458                    actions.add(ActionKeys.CONFIGURATION);
459                    actions.add(ActionKeys.PERMISSIONS);
460    
461                    setActions(_portletResourceGuestUnsupportedActions, name, actions);
462    
463                    return actions;
464            }
465    
466            @Override
467            public List<String> getPortletResourceLayoutManagerActions(String name) {
468                    name = PortletConstants.getRootPortletId(name);
469    
470                    List<String> actions = getActions(
471                            _portletResourceLayoutManagerActions, name);
472    
473                    // This check can never return an empty list. If the list is empty, it
474                    // means that the portlet does not have an explicit resource-actions
475                    // configuration file and should therefore be handled as if it has
476                    // defaults of CONFIGURATION, PREFERENCES, and VIEW.
477    
478                    if (actions.isEmpty()) {
479                            actions = new UniqueList<String>();
480    
481                            actions.add(ActionKeys.CONFIGURATION);
482                            actions.add(ActionKeys.PREFERENCES);
483                            actions.add(ActionKeys.VIEW);
484    
485                            setActions(_portletResourceLayoutManagerActions, name, actions);
486                    }
487    
488                    return actions;
489            }
490    
491            @Override
492            public String getPortletRootModelResource(String portletName) {
493                    portletName = PortletConstants.getRootPortletId(portletName);
494    
495                    return _portletRootModelResource.get(portletName);
496            }
497    
498            @Override
499            public List<String> getResourceActions(String name) {
500                    if (name.indexOf(CharPool.PERIOD) != -1) {
501                            return getModelResourceActions(name);
502                    }
503                    else {
504                            return getPortletResourceActions(name);
505                    }
506            }
507    
508            @Override
509            public List<String> getResourceActions(
510                    String portletResource, String modelResource) {
511    
512                    List<String> actions = null;
513    
514                    if (Validator.isNull(modelResource)) {
515                            actions = getPortletResourceActions(portletResource);
516                    }
517                    else {
518                            actions = getModelResourceActions(modelResource);
519                    }
520    
521                    return actions;
522            }
523    
524            @Override
525            public List<String> getResourceGroupDefaultActions(String name) {
526                    if (name.contains(StringPool.PERIOD)) {
527                            return getModelResourceGroupDefaultActions(name);
528                    }
529                    else {
530                            return getPortletResourceGroupDefaultActions(name);
531                    }
532            }
533    
534            @Override
535            public List<String> getResourceGuestUnsupportedActions(
536                    String portletResource, String modelResource) {
537    
538                    List<String> actions = null;
539    
540                    if (Validator.isNull(modelResource)) {
541                            actions = getPortletResourceGuestUnsupportedActions(
542                                    portletResource);
543                    }
544                    else {
545                            actions = getModelResourceGuestUnsupportedActions(modelResource);
546                    }
547    
548                    return actions;
549            }
550    
551            /**
552             * @deprecated As of 6.1.0, replaced by {@link #getRoles(long, Group,
553             *             String, int[])}
554             */
555            @Override
556            public List<Role> getRoles(
557                            long companyId, Group group, String modelResource)
558                    throws SystemException {
559    
560                    return getRoles(companyId, group, modelResource, null);
561            }
562    
563            @Override
564            public List<Role> getRoles(
565                            long companyId, Group group, String modelResource, int[] roleTypes)
566                    throws SystemException {
567    
568                    if (roleTypes == null) {
569                            roleTypes = getRoleTypes(companyId, group, modelResource);
570                    }
571    
572                    return roleLocalService.getRoles(companyId, roleTypes);
573            }
574    
575            @Override
576            public boolean hasModelResourceActions(String name) {
577                    List<String> actions = _modelResourceActions.get(name);
578    
579                    if ((actions != null) && !actions.isEmpty()) {
580                            return true;
581                    }
582                    else {
583                            return false;
584                    }
585            }
586    
587            @Override
588            public boolean isOrganizationModelResource(String modelResource) {
589                    if (_organizationModelResources.contains(modelResource)) {
590                            return true;
591                    }
592                    else {
593                            return false;
594                    }
595            }
596    
597            @Override
598            public boolean isPortalModelResource(String modelResource) {
599                    if (_portalModelResources.contains(modelResource)) {
600                            return true;
601                    }
602                    else {
603                            return false;
604                    }
605            }
606    
607            @Override
608            public void read(
609                            String servletContextName, ClassLoader classLoader, String source)
610                    throws Exception {
611    
612                    InputStream inputStream = classLoader.getResourceAsStream(source);
613    
614                    if (inputStream == null) {
615                            if (_log.isWarnEnabled() && !source.endsWith("-ext.xml")) {
616                                    _log.warn("Cannot load " + source);
617                            }
618    
619                            return;
620                    }
621    
622                    if (_log.isDebugEnabled()) {
623                            _log.debug("Loading " + source);
624                    }
625    
626                    Document document = UnsecureSAXReaderUtil.read(inputStream, true);
627    
628                    DocumentType documentType = document.getDocumentType();
629    
630                    String publicId = GetterUtil.getString(documentType.getPublicId());
631    
632                    if (publicId.equals(
633                                    "-//Liferay//DTD Resource Action Mapping 6.0.0//EN")) {
634    
635                            if (_log.isWarnEnabled()) {
636                                    _log.warn(
637                                            "Please update " + source + " to use the 6.1.0 format");
638                            }
639                    }
640    
641                    Element rootElement = document.getRootElement();
642    
643                    for (Element resourceElement : rootElement.elements("resource")) {
644                            String file = resourceElement.attributeValue("file").trim();
645    
646                            read(servletContextName, classLoader, file);
647    
648                            String extFile = StringUtil.replace(file, ".xml", "-ext.xml");
649    
650                            read(servletContextName, classLoader, extFile);
651                    }
652    
653                    read(servletContextName, document);
654            }
655    
656            @Override
657            public void read(String servletContextName, InputStream inputStream)
658                    throws Exception {
659    
660                    Document document = UnsecureSAXReaderUtil.read(inputStream, true);
661    
662                    read(servletContextName, document);
663            }
664    
665            protected void checkGuestUnsupportedActions(
666                    List<String> guestUnsupportedActions,
667                    List<String> guestDefaultActions) {
668    
669                    // Guest default actions cannot reference guest unsupported actions
670    
671                    Iterator<String> itr = guestDefaultActions.iterator();
672    
673                    while (itr.hasNext()) {
674                            String actionId = itr.next();
675    
676                            if (guestUnsupportedActions.contains(actionId)) {
677                                    itr.remove();
678                            }
679                    }
680            }
681    
682            protected void checkModelActions(List<String> actions) {
683                    if (!actions.contains(ActionKeys.PERMISSIONS)) {
684                            actions.add(ActionKeys.PERMISSIONS);
685                    }
686            }
687    
688            protected void checkPortletActions(Portlet portlet, List<String> actions) {
689                    checkPortletLayoutManagerActions(actions);
690    
691                    if ((portlet != null) &&
692                            (portlet.getControlPanelEntryCategory() != null) &&
693                            !actions.contains(ActionKeys.ACCESS_IN_CONTROL_PANEL)) {
694    
695                            actions.add(ActionKeys.ACCESS_IN_CONTROL_PANEL);
696                    }
697            }
698    
699            protected void checkPortletActions(String name, List<String> actions) {
700                    Portlet portlet = portletLocalService.getPortletById(name);
701    
702                    checkPortletActions(portlet, actions);
703            }
704    
705            protected void checkPortletGroupDefaultActions(List<String> actions) {
706                    if (actions.isEmpty()) {
707                            actions.add(ActionKeys.VIEW);
708                    }
709            }
710    
711            protected void checkPortletGuestDefaultActions(List<String> actions) {
712                    if (actions.isEmpty()) {
713                            actions.add(ActionKeys.VIEW);
714                    }
715            }
716    
717            protected void checkPortletLayoutManagerActions(List<String> actions) {
718                    if (!actions.contains(ActionKeys.ACCESS_IN_CONTROL_PANEL) &&
719                            !actions.contains(ActionKeys.ADD_TO_PAGE)) {
720    
721                            actions.add(ActionKeys.ADD_TO_PAGE);
722                    }
723    
724                    if (!actions.contains(ActionKeys.CONFIGURATION)) {
725                            actions.add(ActionKeys.CONFIGURATION);
726                    }
727    
728                    if (!actions.contains(ActionKeys.PERMISSIONS)) {
729                            actions.add(ActionKeys.PERMISSIONS);
730                    }
731    
732                    if (!actions.contains(ActionKeys.PREFERENCES)) {
733                            actions.add(ActionKeys.PREFERENCES);
734                    }
735    
736                    if (!actions.contains(ActionKeys.VIEW)) {
737                            actions.add(ActionKeys.VIEW);
738                    }
739            }
740    
741            protected List<String> getActions(
742                    Map<String, List<String>> actionsMap, String name) {
743    
744                    List<String> actions = actionsMap.get(name);
745    
746                    if (actions == null) {
747                            actions = new UniqueList<String>();
748    
749                            actionsMap.put(name, actions);
750                    }
751    
752                    return actions;
753            }
754    
755            protected Element getPermissionsChildElement(
756                    Element parentElement, String childElementName) {
757    
758                    Element permissionsElement = parentElement.element("permissions");
759    
760                    if (permissionsElement != null) {
761                            return permissionsElement.element(childElementName);
762                    }
763                    else {
764                            return parentElement.element(childElementName);
765                    }
766            }
767    
768            protected List<String> getPortletMimeTypeActions(String name) {
769                    List<String> actions = new UniqueList<String>();
770    
771                    Portlet portlet = portletLocalService.getPortletById(name);
772    
773                    if (portlet != null) {
774                            Map<String, Set<String>> portletModes = portlet.getPortletModes();
775    
776                            Set<String> mimeTypePortletModes = portletModes.get(
777                                    ContentTypes.TEXT_HTML);
778    
779                            if (mimeTypePortletModes != null) {
780                                    for (String actionId : mimeTypePortletModes) {
781                                            if (StringUtil.equalsIgnoreCase(actionId, "edit")) {
782                                                    actions.add(ActionKeys.PREFERENCES);
783                                            }
784                                            else if (StringUtil.equalsIgnoreCase(
785                                                                    actionId, "edit_guest")) {
786    
787                                                    actions.add(ActionKeys.GUEST_PREFERENCES);
788                                            }
789                                            else {
790                                                    actions.add(StringUtil.toUpperCase(actionId));
791                                            }
792                                    }
793                            }
794                    }
795                    else {
796                            if (_log.isDebugEnabled()) {
797                                    _log.debug(
798                                            "Unable to obtain resource actions for unknown portlet " +
799                                                    name);
800                            }
801                    }
802    
803                    return actions;
804            }
805    
806            protected int[] getRoleTypes(
807                    long companyId, Group group, String modelResource) {
808    
809                    int[] types = RoleConstants.TYPES_REGULAR_AND_SITE;
810    
811                    if (isPortalModelResource(modelResource)) {
812                            if (modelResource.equals(Organization.class.getName()) ||
813                                    modelResource.equals(User.class.getName())) {
814    
815                                    types = RoleConstants.TYPES_ORGANIZATION_AND_REGULAR;
816                            }
817                            else {
818                                    types = RoleConstants.TYPES_REGULAR;
819                            }
820                    }
821                    else {
822                            if (group != null) {
823                                    if (group.isLayout()) {
824                                            try {
825                                                    group = GroupServiceUtil.getGroup(
826                                                            group.getParentGroupId());
827                                            }
828                                            catch (Exception e) {
829                                            }
830                                    }
831    
832                                    if (group.isOrganization()) {
833                                            types =
834                                                    RoleConstants.TYPES_ORGANIZATION_AND_REGULAR_AND_SITE;
835                                    }
836                                    else if (group.isUser()) {
837                                            types = RoleConstants.TYPES_REGULAR;
838                                    }
839                            }
840                    }
841    
842                    return types;
843            }
844    
845            protected void read(String servletContextName, Document document)
846                    throws Exception {
847    
848                    Element rootElement = document.getRootElement();
849    
850                    if (PropsValues.RESOURCE_ACTIONS_READ_PORTLET_RESOURCES) {
851                            for (Element portletResourceElement :
852                                            rootElement.elements("portlet-resource")) {
853    
854                                    readPortletResource(servletContextName, portletResourceElement);
855                            }
856                    }
857    
858                    for (Element modelResourceElement :
859                                    rootElement.elements("model-resource")) {
860    
861                            readModelResource(servletContextName, modelResourceElement);
862                    }
863            }
864    
865            protected List<String> readActionKeys(Element parentElement) {
866                    List<String> actions = new ArrayList<String>();
867    
868                    for (Element actionKeyElement : parentElement.elements("action-key")) {
869                            String actionKey = actionKeyElement.getTextTrim();
870    
871                            if (Validator.isNull(actionKey)) {
872                                    continue;
873                            }
874    
875                            actions.add(actionKey);
876                    }
877    
878                    return actions;
879            }
880    
881            protected void readGroupDefaultActions(
882                    Element parentElement, Map<String, List<String>> actionsMap,
883                    String name) {
884    
885                    List<String> groupDefaultActions = new UniqueList<String>(
886                            getActions(actionsMap, name));
887    
888                    Element groupDefaultsElement = getPermissionsChildElement(
889                            parentElement, "site-member-defaults");
890    
891                    if (groupDefaultsElement == null) {
892                            groupDefaultsElement = getPermissionsChildElement(
893                                    parentElement, "community-defaults");
894    
895                            if (_log.isWarnEnabled() && (groupDefaultsElement != null)) {
896                                    _log.warn(
897                                            "The community-defaults element is deprecated. Use the " +
898                                                    "site-member-defaults element instead.");
899                            }
900                    }
901    
902                    groupDefaultActions.addAll(readActionKeys(groupDefaultsElement));
903    
904                    setActions(actionsMap, name, groupDefaultActions);
905            }
906    
907            protected List<String> readGuestDefaultActions(
908                    Element parentElement, Map<String, List<String>> actionsMap,
909                    String name) {
910    
911                    List<String> guestDefaultActions = new UniqueList<String>(
912                            getActions(actionsMap, name));
913    
914                    Element guestDefaultsElement = getPermissionsChildElement(
915                            parentElement, "guest-defaults");
916    
917                    guestDefaultActions.addAll(readActionKeys(guestDefaultsElement));
918    
919                    return guestDefaultActions;
920            }
921    
922            protected void readGuestUnsupportedActions(
923                    Element parentElement, Map<String, List<String>> actionsMap,
924                    String name, List<String> guestDefaultActions) {
925    
926                    List<String> guestUnsupportedActions = new UniqueList<String>(
927                            getActions(actionsMap, name));
928    
929                    Element guestUnsupportedElement = getPermissionsChildElement(
930                            parentElement, "guest-unsupported");
931    
932                    guestUnsupportedActions.addAll(readActionKeys(guestUnsupportedElement));
933    
934                    checkGuestUnsupportedActions(
935                            guestUnsupportedActions, guestDefaultActions);
936    
937                    setActions(actionsMap, name, guestUnsupportedActions);
938            }
939    
940            protected void readLayoutManagerActions(
941                    Element parentElement, Map<String, List<String>> actionsMap,
942                    String name, List<String> supportsActions) {
943    
944                    List<String> layoutManagerActions = new UniqueList<String>(
945                            getActions(actionsMap, name));
946    
947                    Element layoutManagerElement = getPermissionsChildElement(
948                            parentElement, "layout-manager");
949    
950                    if (layoutManagerElement != null) {
951                            layoutManagerActions.addAll(readActionKeys(layoutManagerElement));
952                    }
953                    else {
954                            layoutManagerActions.addAll(supportsActions);
955                    }
956    
957                    setActions(actionsMap, name, layoutManagerActions);
958            }
959    
960            protected void readModelResource(
961                            String servletContextName, Element modelResourceElement)
962                    throws Exception {
963    
964                    String name = modelResourceElement.elementTextTrim("model-name");
965    
966                    Element portletRefElement = modelResourceElement.element("portlet-ref");
967    
968                    for (Element portletNameElement :
969                                    portletRefElement.elements("portlet-name")) {
970    
971                            String portletName = portletNameElement.getTextTrim();
972    
973                            if (servletContextName != null) {
974                                    portletName = portletName.concat(
975                                            PortletConstants.WAR_SEPARATOR).concat(servletContextName);
976                            }
977    
978                            portletName = JS.getSafeName(portletName);
979    
980                            // Reference for a portlet to child models
981    
982                            Set<String> modelResources = _portletModelResources.get(
983                                    portletName);
984    
985                            if (modelResources == null) {
986                                    modelResources = new HashSet<String>();
987    
988                                    _portletModelResources.put(portletName, modelResources);
989                            }
990    
991                            modelResources.add(name);
992    
993                            // Reference for a model to parent portlets
994    
995                            Set<String> portletResources = _modelPortletResources.get(name);
996    
997                            if (portletResources == null) {
998                                    portletResources = new HashSet<String>();
999    
1000                                    _modelPortletResources.put(name, portletResources);
1001                            }
1002    
1003                            portletResources.add(portletName);
1004    
1005                            // Reference for a model to root portlets
1006    
1007                            boolean root = GetterUtil.getBoolean(
1008                                    modelResourceElement.elementText("root"));
1009    
1010                            if (root) {
1011                                    _portletRootModelResource.put(portletName, name);
1012                            }
1013                    }
1014    
1015                    double weight = GetterUtil.getDouble(
1016                            modelResourceElement.elementTextTrim("weight"), 100);
1017    
1018                    _modelResourceWeights.put(name, weight);
1019    
1020                    List<String> supportsActions = readSupportsActions(
1021                            modelResourceElement, _modelResourceActions, name);
1022    
1023                    checkModelActions(supportsActions);
1024    
1025                    if (supportsActions.size() > 64) {
1026                            throw new ResourceActionsException(
1027                                    "There are more than 64 actions for resource " + name);
1028                    }
1029    
1030                    setActions(_modelResourceActions, name, supportsActions);
1031    
1032                    readGroupDefaultActions(
1033                            modelResourceElement, _modelResourceGroupDefaultActions, name);
1034    
1035                    List<String> guestDefaultActions = readGuestDefaultActions(
1036                            modelResourceElement, _modelResourceGuestDefaultActions, name);
1037    
1038                    readGuestUnsupportedActions(
1039                            modelResourceElement, _modelResourceGuestUnsupportedActions, name,
1040                            guestDefaultActions);
1041    
1042                    setActions(
1043                            _modelResourceGuestDefaultActions, name, guestDefaultActions);
1044    
1045                    readOwnerDefaultActions(
1046                            modelResourceElement, _modelResourceOwnerDefaultActions, name);
1047            }
1048    
1049            protected void readOwnerDefaultActions(
1050                    Element parentElement, Map<String, List<String>> actionsMap,
1051                    String name) {
1052    
1053                    List<String> ownerDefaultActions = new UniqueList<String>(
1054                            getActions(actionsMap, name));
1055    
1056                    Element ownerDefaultsElement = getPermissionsChildElement(
1057                            parentElement, "owner-defaults");
1058    
1059                    if (ownerDefaultsElement == null) {
1060                            return;
1061                    }
1062    
1063                    ownerDefaultActions.addAll(readActionKeys(ownerDefaultsElement));
1064    
1065                    setActions(actionsMap, name, ownerDefaultActions);
1066            }
1067    
1068            protected void readPortletResource(
1069                            String servletContextName, Element portletResourceElement)
1070                    throws Exception {
1071    
1072                    String name = portletResourceElement.elementTextTrim("portlet-name");
1073    
1074                    if (servletContextName != null) {
1075                            name = name.concat(PortletConstants.WAR_SEPARATOR).concat(
1076                                    servletContextName);
1077                    }
1078    
1079                    name = JS.getSafeName(name);
1080    
1081                    List<String> supportsActions = readSupportsActions(
1082                            portletResourceElement, _portletResourceActions, name);
1083    
1084                    supportsActions.addAll(getPortletMimeTypeActions(name));
1085    
1086                    if (!name.equals(PortletKeys.PORTAL)) {
1087                            checkPortletActions(name, supportsActions);
1088                    }
1089    
1090                    if (supportsActions.size() > 64) {
1091                            throw new ResourceActionsException(
1092                                    "There are more than 64 actions for resource " + name);
1093                    }
1094    
1095                    supportsActions = setActions(
1096                            _portletResourceActions, name, supportsActions);
1097    
1098                    readGroupDefaultActions(
1099                            portletResourceElement, _portletResourceGroupDefaultActions, name);
1100    
1101                    List<String> guestDefaultActions = readGuestDefaultActions(
1102                            portletResourceElement, _portletResourceGuestDefaultActions, name);
1103    
1104                    readGuestUnsupportedActions(
1105                            portletResourceElement, _portletResourceGuestUnsupportedActions,
1106                            name, guestDefaultActions);
1107    
1108                    setActions(
1109                            _portletResourceGuestDefaultActions, name, guestDefaultActions);
1110    
1111                    readLayoutManagerActions(
1112                            portletResourceElement, _portletResourceLayoutManagerActions, name,
1113                            supportsActions);
1114            }
1115    
1116            protected List<String> readSupportsActions(
1117                    Element parentElement, Map<String, List<String>> actionsMap,
1118                    String name) {
1119    
1120                    List<String> supportsActions = new UniqueList<String>(
1121                            getActions(actionsMap, name));
1122    
1123                    Element supportsElement = getPermissionsChildElement(
1124                            parentElement, "supports");
1125    
1126                    supportsActions.addAll(readActionKeys(supportsElement));
1127    
1128                    return supportsActions;
1129            }
1130    
1131            protected List<String> setActions(
1132                    Map<String, List<String>> actionsMap, String name,
1133                    List<String> actions) {
1134    
1135                    actions = new UnmodifiableList<String>(actions);
1136    
1137                    actionsMap.put(name, actions);
1138    
1139                    return actions;
1140            }
1141    
1142            @BeanReference(type = PortletLocalService.class)
1143            protected PortletLocalService portletLocalService;
1144    
1145            @BeanReference(type = ResourceActionLocalService.class)
1146            protected ResourceActionLocalService resourceActionLocalService;
1147    
1148            @BeanReference(type = RoleLocalService.class)
1149            protected RoleLocalService roleLocalService;
1150    
1151            private static final String _ACTION_NAME_PREFIX = "action.";
1152    
1153            private static final String _MODEL_RESOURCE_NAME_PREFIX = "model.resource.";
1154    
1155            private static final String[] _ORGANIZATION_MODEL_RESOURCES = {
1156                    Organization.class.getName(), PasswordPolicy.class.getName(),
1157                    User.class.getName()
1158            };
1159    
1160            private static final String[] _PORTAL_MODEL_RESOURCES = {
1161                    ExpandoColumn.class.getName(), LayoutPrototype.class.getName(),
1162                    LayoutSetPrototype.class.getName(), MDRRuleGroup.class.getName(),
1163                    Organization.class.getName(), PasswordPolicy.class.getName(),
1164                    Role.class.getName(), User.class.getName(), UserGroup.class.getName()
1165            };
1166    
1167            private static Log _log = LogFactoryUtil.getLog(ResourceActionsImpl.class);
1168    
1169            private Map<String, Set<String>> _modelPortletResources;
1170            private Map<String, List<String>> _modelResourceActions;
1171            private Map<String, List<String>> _modelResourceGroupDefaultActions;
1172            private Map<String, List<String>> _modelResourceGuestDefaultActions;
1173            private Map<String, List<String>> _modelResourceGuestUnsupportedActions;
1174            private Map<String, List<String>> _modelResourceOwnerDefaultActions;
1175            private Map<String, Double> _modelResourceWeights;
1176            private Set<String> _organizationModelResources;
1177            private Set<String> _portalModelResources;
1178            private Map<String, Set<String>> _portletModelResources;
1179            private Map<String, List<String>> _portletResourceActions;
1180            private Map<String, List<String>> _portletResourceGroupDefaultActions;
1181            private Map<String, List<String>> _portletResourceGuestDefaultActions;
1182            private Map<String, List<String>> _portletResourceGuestUnsupportedActions;
1183            private Map<String, List<String>> _portletResourceLayoutManagerActions;
1184            private Map<String, String> _portletRootModelResource;
1185    
1186    }