1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.impl;
24  
25  import com.liferay.portal.NoSuchResourceException;
26  import com.liferay.portal.PortalException;
27  import com.liferay.portal.ResourceActionsException;
28  import com.liferay.portal.SystemException;
29  import com.liferay.portal.kernel.log.Log;
30  import com.liferay.portal.kernel.log.LogFactoryUtil;
31  import com.liferay.portal.model.Group;
32  import com.liferay.portal.model.GroupConstants;
33  import com.liferay.portal.model.Layout;
34  import com.liferay.portal.model.Permission;
35  import com.liferay.portal.model.Resource;
36  import com.liferay.portal.model.ResourceCode;
37  import com.liferay.portal.model.ResourceConstants;
38  import com.liferay.portal.model.Role;
39  import com.liferay.portal.model.RoleConstants;
40  import com.liferay.portal.security.permission.PermissionsListFilter;
41  import com.liferay.portal.security.permission.PermissionsListFilterFactory;
42  import com.liferay.portal.security.permission.ResourceActionsUtil;
43  import com.liferay.portal.service.base.ResourceLocalServiceBaseImpl;
44  import com.liferay.portal.util.PropsValues;
45  import com.liferay.portal.util.comparator.ResourceComparator;
46  
47  import java.util.List;
48  
49  import org.apache.commons.lang.time.StopWatch;
50  
51  /**
52   * <a href="ResourceLocalServiceImpl.java.html"><b><i>View Source</i></b></a>
53   *
54   * @author Brian Wing Shun Chan
55   * @author Wilson S. Man
56   * @author Raymond Augé
57   *
58   */
59  public class ResourceLocalServiceImpl extends ResourceLocalServiceBaseImpl {
60  
61      public void addModelResources(
62              long companyId, long groupId, long userId, String name,
63              long primKey, String[] communityPermissions,
64              String[] guestPermissions)
65          throws PortalException, SystemException {
66  
67          addModelResources(
68              companyId, groupId, userId, name, String.valueOf(primKey),
69              communityPermissions, guestPermissions);
70      }
71  
72      public void addModelResources(
73              long companyId, long groupId, long userId, String name,
74              String primKey, String[] communityPermissions,
75              String[] guestPermissions)
76          throws PortalException, SystemException {
77  
78          validate(companyId, name, false);
79  
80          // Company
81  
82          addResource(
83              companyId, name, ResourceConstants.SCOPE_COMPANY,
84              String.valueOf(companyId));
85  
86          // Guest
87  
88          Group guestGroup = groupLocalService.getGroup(
89              companyId, GroupConstants.GUEST);
90  
91          addResource(
92              companyId, name, ResourceConstants.SCOPE_GROUP,
93              String.valueOf(guestGroup.getGroupId()));
94  
95          // Group
96  
97          if ((groupId > 0) && (guestGroup.getGroupId() != groupId)) {
98              addResource(
99                  companyId, name, ResourceConstants.SCOPE_GROUP,
100                 String.valueOf(groupId));
101         }
102 
103         if (primKey != null) {
104 
105             // Individual
106 
107             Resource resource = addResource(
108                 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
109 
110             long defaultUserId = userLocalService.getDefaultUserId(
111                 companyId);
112 
113             PermissionsListFilter permissionsListFilter =
114                 PermissionsListFilterFactory.getInstance();
115 
116             // Permissions
117 
118             List<Permission> permissionsList =
119                 permissionLocalService.addPermissions(
120                     companyId, name, resource.getResourceId(), false);
121 
122             List<Permission> userPermissionsList =
123                 permissionsListFilter.filterUserPermissions(
124                     companyId, groupId, userId, name, primKey, false,
125                     permissionsList);
126 
127             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
128 
129                 // Owner permissions
130 
131                 Role ownerRole = roleLocalService.getRole(
132                     companyId, RoleConstants.OWNER);
133 
134                 rolePersistence.addPermissions(
135                     ownerRole.getRoleId(), userPermissionsList);
136             }
137             else {
138 
139                 // User permissions
140 
141                 if ((userId > 0) && (userId != defaultUserId)) {
142                     userPersistence.addPermissions(userId, userPermissionsList);
143                 }
144             }
145 
146             // Community permissions
147 
148             if (groupId > 0) {
149                 Group group = groupPersistence.findByPrimaryKey(groupId);
150 
151                 if (communityPermissions == null) {
152                     communityPermissions = new String[0];
153                 }
154 
155                 List<Permission> communityPermissionsList =
156                     permissionLocalService.getPermissions(
157                         companyId, communityPermissions,
158                         resource.getResourceId());
159 
160                 communityPermissionsList =
161                     permissionsListFilter.filterCommunityPermissions(
162                         companyId, groupId, userId, name, primKey, false,
163                         communityPermissionsList);
164 
165                 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
166                     Role role = null;
167 
168                     if (group.isLayout()) {
169                         Layout layout = layoutLocalService.getLayout(
170                             group.getClassPK());
171 
172                         group = layout.getGroup();
173                     }
174 
175                     if (group.isCommunity()) {
176                         role = roleLocalService.getRole(
177                             companyId, RoleConstants.COMMUNITY_MEMBER);
178                     }
179                     else if (group.isOrganization()) {
180                         role = roleLocalService.getRole(
181                             companyId, RoleConstants.ORGANIZATION_MEMBER);
182                     }
183                     else if (group.isUser() || group.isUserGroup()) {
184                         role = roleLocalService.getRole(
185                             companyId, RoleConstants.POWER_USER);
186                     }
187 
188                     rolePersistence.addPermissions(
189                         role.getRoleId(), communityPermissionsList);
190                 }
191                 else {
192                     groupPersistence.addPermissions(
193                         groupId, communityPermissionsList);
194                 }
195             }
196 
197             // Guest permissions
198 
199             if (guestPermissions == null) {
200                 guestPermissions = new String[0];
201             }
202 
203             List<Permission> guestPermissionsList =
204                 permissionLocalService.getPermissions(
205                     companyId, guestPermissions, resource.getResourceId());
206 
207             guestPermissionsList = permissionsListFilter.filterGuestPermissions(
208                 companyId, groupId, userId, name, primKey, false,
209                 guestPermissionsList);
210 
211             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
212 
213                 // Guest permissions
214 
215                 Role guestRole = roleLocalService.getRole(
216                     companyId, RoleConstants.GUEST);
217 
218                 rolePersistence.addPermissions(
219                     guestRole.getRoleId(), guestPermissionsList);
220             }
221             else {
222                 userPersistence.addPermissions(
223                     defaultUserId, guestPermissionsList);
224             }
225         }
226     }
227 
228     public Resource addResource(
229             long companyId, String name, int scope, String primKey)
230         throws SystemException {
231 
232         ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
233             companyId, name, scope);
234 
235         Resource resource = resourcePersistence.fetchByC_P(
236             resourceCode.getCodeId(), primKey);
237 
238         if (resource == null) {
239             long resourceId = counterLocalService.increment(
240                 Resource.class.getName());
241 
242             resource = resourcePersistence.create(resourceId);
243 
244             resource.setCodeId(resourceCode.getCodeId());
245             resource.setPrimKey(primKey);
246 
247             resourcePersistence.update(resource, false);
248         }
249 
250         return resource;
251     }
252 
253     public void addResources(
254             long companyId, long groupId, String name, boolean portletActions)
255         throws PortalException, SystemException {
256 
257         addResources(
258             companyId, groupId, 0, name, null, portletActions, false, false);
259     }
260 
261     public void addResources(
262             long companyId, long groupId, long userId, String name,
263             long primKey, boolean portletActions,
264             boolean addCommunityPermissions, boolean addGuestPermissions)
265         throws PortalException, SystemException {
266 
267         addResources(
268             companyId, groupId, userId, name, String.valueOf(primKey),
269             portletActions, addCommunityPermissions, addGuestPermissions);
270     }
271 
272     public void addResources(
273             long companyId, long groupId, long userId, String name,
274             String primKey, boolean portletActions,
275             boolean addCommunityPermissions, boolean addGuestPermissions)
276         throws PortalException, SystemException {
277 
278         StopWatch stopWatch = null;
279 
280         if (_log.isDebugEnabled()) {
281             stopWatch = new StopWatch();
282 
283             stopWatch.start();
284         }
285 
286         validate(companyId, name, portletActions);
287 
288         logAddResources(name, primKey, stopWatch, 1);
289 
290         // Company
291 
292         addResource(
293             companyId, name, ResourceConstants.SCOPE_COMPANY,
294             String.valueOf(companyId));
295 
296         logAddResources(name, primKey, stopWatch, 2);
297 
298         if (groupId > 0) {
299             addResource(
300                 companyId, name, ResourceConstants.SCOPE_GROUP,
301                 String.valueOf(groupId));
302         }
303 
304         logAddResources(name, primKey, stopWatch, 3);
305 
306         if (primKey != null) {
307 
308             // Individual
309 
310             Resource resource = addResource(
311                 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
312 
313             logAddResources(name, primKey, stopWatch, 4);
314 
315             // Permissions
316 
317             List<Permission> permissionsList =
318                 permissionLocalService.addPermissions(
319                     companyId, name, resource.getResourceId(), portletActions);
320 
321             logAddResources(name, primKey, stopWatch, 5);
322 
323             PermissionsListFilter permissionsListFilter =
324                 PermissionsListFilterFactory.getInstance();
325 
326             List<Permission> userPermissionsList =
327                 permissionsListFilter.filterUserPermissions(
328                     companyId, groupId, userId, name, primKey,
329                     portletActions, permissionsList);
330 
331             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
332 
333                 // Owner permissions
334 
335                 Role ownerRole = roleLocalService.getRole(
336                     companyId, RoleConstants.OWNER);
337 
338                 rolePersistence.addPermissions(
339                     ownerRole.getRoleId(), userPermissionsList);
340             }
341             else {
342 
343                 // User permissions
344 
345                 long defaultUserId = userLocalService.getDefaultUserId(
346                     companyId);
347 
348                 if ((userId > 0) && (userId != defaultUserId)) {
349                     userPersistence.addPermissions(userId, userPermissionsList);
350                 }
351             }
352 
353             logAddResources(name, primKey, stopWatch, 6);
354 
355             // Community permissions
356 
357             if ((groupId > 0) && addCommunityPermissions) {
358                 addCommunityPermissions(
359                     companyId, groupId, userId, name, resource, portletActions);
360             }
361 
362             logAddResources(name, primKey, stopWatch, 7);
363 
364             // Guest permissions
365 
366             if (addGuestPermissions) {
367 
368                 // Don't add guest permissions when you've already added
369                 // community permissions and the given community is the guest
370                 // community.
371 
372                 addGuestPermissions(
373                     companyId, groupId, userId, name, resource, portletActions);
374             }
375 
376             logAddResources(name, primKey, stopWatch, 8);
377         }
378     }
379 
380     public void deleteResource(long resourceId) throws SystemException {
381         try {
382             Resource resource = resourcePersistence.findByPrimaryKey(
383                 resourceId);
384 
385             deleteResource(resource);
386         }
387         catch (NoSuchResourceException nsre) {
388             if (_log.isWarnEnabled()) {
389                 _log.warn(nsre);
390             }
391         }
392     }
393 
394     public void deleteResource(Resource resource) throws SystemException {
395 
396         // Permissions
397 
398         List<Permission> permissions = permissionPersistence.findByResourceId(
399             resource.getResourceId());
400 
401         for (Permission permission : permissions) {
402             orgGroupPermissionPersistence.removeByPermissionId(
403                 permission.getPermissionId());
404         }
405 
406         permissionPersistence.removeByResourceId(resource.getResourceId());
407 
408         // Resource
409 
410         resourcePersistence.remove(resource);
411     }
412 
413     public void deleteResource(
414             long companyId, String name, int scope, long primKey)
415         throws PortalException, SystemException {
416 
417         deleteResource(companyId, name, scope, String.valueOf(primKey));
418     }
419 
420     public void deleteResource(
421             long companyId, String name, int scope, String primKey)
422         throws PortalException, SystemException {
423 
424         try {
425             Resource resource = getResource(companyId, name, scope, primKey);
426 
427             deleteResource(resource.getResourceId());
428         }
429         catch (NoSuchResourceException nsre) {
430             if (_log.isWarnEnabled()) {
431                 _log.warn(nsre);
432             }
433         }
434     }
435 
436     public void deleteResources(String name) throws SystemException {
437         List<Resource> resources = resourceFinder.findByName(name);
438 
439         for (Resource resource : resources) {
440             deleteResource(resource);
441         }
442     }
443 
444     public long getLatestResourceId() throws SystemException {
445         List<Resource> resources = resourcePersistence.findAll(
446             0, 1, new ResourceComparator());
447 
448         if (resources.size() == 0) {
449             return 0;
450         }
451         else {
452             Resource resource = resources.get(0);
453 
454             return resource.getResourceId();
455         }
456     }
457 
458     public Resource getResource(long resourceId)
459         throws PortalException, SystemException {
460 
461         return resourcePersistence.findByPrimaryKey(resourceId);
462     }
463 
464     public Resource getResource(
465             long companyId, String name, int scope, String primKey)
466         throws PortalException, SystemException {
467 
468         ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
469             companyId, name, scope);
470 
471         return resourcePersistence.findByC_P(resourceCode.getCodeId(), primKey);
472     }
473 
474     public List<Resource> getResources() throws SystemException {
475         return resourcePersistence.findAll();
476     }
477 
478     public void updateResources(
479             long companyId, long groupId, String name, long primKey,
480             String[] communityPermissions, String[] guestPermissions)
481         throws PortalException, SystemException {
482 
483         updateResources(
484             companyId, groupId, name, String.valueOf(primKey),
485             communityPermissions, guestPermissions);
486     }
487 
488     public void updateResources(
489             long companyId, long groupId, String name, String primKey,
490             String[] communityPermissions, String[] guestPermissions)
491         throws PortalException, SystemException {
492 
493         Resource resource = getResource(
494             companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
495 
496         Role role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
497 
498         if (guestPermissions == null) {
499             guestPermissions = new String[0];
500         }
501 
502         permissionService.setRolePermissions(
503             role.getRoleId(), groupId, guestPermissions,
504             resource.getResourceId());
505 
506         Group group = groupLocalService.getGroup(groupId);
507 
508         if (group.isLayout()) {
509             Layout layout = layoutLocalService.getLayout(
510                 group.getClassPK());
511 
512             group = layout.getGroup();
513         }
514 
515         if (group.isCommunity()) {
516             role = roleLocalService.getRole(
517                 companyId, RoleConstants.COMMUNITY_MEMBER);
518         }
519         else if (group.isOrganization()) {
520             role = roleLocalService.getRole(
521                 companyId, RoleConstants.ORGANIZATION_MEMBER);
522         }
523         else if (group.isUser() || group.isUserGroup()) {
524             role = roleLocalService.getRole(
525                 companyId, RoleConstants.POWER_USER);
526         }
527 
528         if (communityPermissions == null) {
529             communityPermissions = new String[0];
530         }
531 
532         permissionService.setRolePermissions(
533             role.getRoleId(), groupId, communityPermissions,
534             resource.getResourceId());
535     }
536 
537     protected void addCommunityPermissions(
538             long companyId, long groupId, long userId, String name,
539             Resource resource, boolean portletActions)
540         throws PortalException, SystemException {
541 
542         StopWatch stopWatch = null;
543 
544         if (_log.isDebugEnabled()) {
545             stopWatch = new StopWatch();
546 
547             stopWatch.start();
548         }
549 
550         Group group = groupPersistence.findByPrimaryKey(groupId);
551 
552         long resourceId = resource.getResourceId();
553         String primKey = resource.getPrimKey();
554 
555         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 1);
556 
557         List<String> actions = null;
558 
559         if (portletActions) {
560             actions =
561                 ResourceActionsUtil.getPortletResourceCommunityDefaultActions(
562                     name);
563         }
564         else {
565             actions =
566                 ResourceActionsUtil.getModelResourceCommunityDefaultActions(
567                     name);
568         }
569 
570         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 2);
571 
572         String[] actionIds = actions.toArray(new String[actions.size()]);
573 
574         List<Permission> communityPermissionsList =
575             permissionLocalService.getPermissions(
576                 group.getCompanyId(), actionIds, resourceId);
577 
578         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 3);
579 
580         PermissionsListFilter permissionsListFilter =
581             PermissionsListFilterFactory.getInstance();
582 
583         communityPermissionsList =
584             permissionsListFilter.filterCommunityPermissions(
585                 companyId, groupId, userId, name, primKey, portletActions,
586                 communityPermissionsList);
587 
588         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 4);
589 
590         if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
591             Role role = null;
592 
593             if (group.isLayout()) {
594                 Layout layout = layoutLocalService.getLayout(
595                     group.getClassPK());
596 
597                 group = layout.getGroup();
598             }
599 
600             if (group.isCommunity()) {
601                 role = roleLocalService.getRole(
602                     companyId, RoleConstants.COMMUNITY_MEMBER);
603             }
604             else if (group.isOrganization()) {
605                 role = roleLocalService.getRole(
606                     companyId, RoleConstants.ORGANIZATION_MEMBER);
607             }
608             else if (group.isUser() || group.isUserGroup()) {
609                 role = roleLocalService.getRole(
610                     companyId, RoleConstants.POWER_USER);
611             }
612 
613             rolePersistence.addPermissions(
614                 role.getRoleId(), communityPermissionsList);
615         }
616         else {
617             groupPersistence.addPermissions(groupId, communityPermissionsList);
618         }
619 
620         logAddCommunityPermissions(groupId, name, resourceId, stopWatch, 5);
621     }
622 
623     protected void addGuestPermissions(
624             long companyId, long groupId, long userId, String name,
625             Resource resource, boolean portletActions)
626         throws PortalException, SystemException {
627 
628         List<String> actions = null;
629 
630         if (portletActions) {
631             actions = ResourceActionsUtil.getPortletResourceGuestDefaultActions(
632                 name);
633         }
634         else {
635             actions = ResourceActionsUtil.getModelResourceGuestDefaultActions(
636                 name);
637         }
638 
639         String[] actionIds = actions.toArray(new String[actions.size()]);
640 
641         List<Permission> guestPermissionsList =
642             permissionLocalService.getPermissions(
643                 companyId, actionIds, resource.getResourceId());
644 
645         PermissionsListFilter permissionsListFilter =
646             PermissionsListFilterFactory.getInstance();
647 
648         guestPermissionsList =
649             permissionsListFilter.filterGuestPermissions(
650                 companyId, groupId, userId, name, resource.getPrimKey(),
651                 portletActions, guestPermissionsList);
652 
653         if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
654             Role guestRole = roleLocalService.getRole(
655                 companyId, RoleConstants.GUEST);
656 
657             rolePersistence.addPermissions(
658                 guestRole.getRoleId(), guestPermissionsList);
659         }
660         else {
661             long defaultUserId = userLocalService.getDefaultUserId(companyId);
662 
663             userPersistence.addPermissions(defaultUserId, guestPermissionsList);
664         }
665     }
666 
667     protected void logAddCommunityPermissions(
668         long groupId, String name, long resourceId, StopWatch stopWatch,
669         int block) {
670 
671         if (!_log.isDebugEnabled()) {
672             return;
673         }
674 
675         _log.debug(
676             "Adding community permissions block " + block + " for " + groupId +
677                 " " + name + " " + resourceId + " takes " +
678                     stopWatch.getTime() + " ms");
679     }
680 
681     protected void logAddResources(
682         String name, String primKey, StopWatch stopWatch, int block) {
683 
684         if (!_log.isDebugEnabled()) {
685             return;
686         }
687 
688         _log.debug(
689             "Adding resources block " + block + " for " + name + " " + primKey +
690                 " takes " + stopWatch.getTime() + " ms");
691     }
692 
693     protected void validate(
694             long companyId, String name, boolean portletActions)
695         throws PortalException, SystemException {
696 
697         List<String> actions = null;
698 
699         if (portletActions) {
700             actions = ResourceActionsUtil.getPortletResourceActions(
701                 companyId, name);
702         }
703         else {
704             actions = ResourceActionsUtil.getModelResourceActions(name);
705         }
706 
707         if (actions.size() == 0) {
708             throw new ResourceActionsException(
709                 "There are no actions associated with the resource " + name);
710         }
711     }
712 
713     private static Log _log =
714         LogFactoryUtil.getLog(ResourceLocalServiceImpl.class);
715 
716 }