001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.NoSuchResourceException;
018 import com.liferay.portal.ResourceActionsException;
019 import com.liferay.portal.kernel.exception.PortalException;
020 import com.liferay.portal.kernel.exception.SystemException;
021 import com.liferay.portal.kernel.log.Log;
022 import com.liferay.portal.kernel.log.LogFactoryUtil;
023 import com.liferay.portal.kernel.search.SearchEngineUtil;
024 import com.liferay.portal.kernel.util.ListUtil;
025 import com.liferay.portal.model.AuditedModel;
026 import com.liferay.portal.model.ClassedModel;
027 import com.liferay.portal.model.Group;
028 import com.liferay.portal.model.GroupConstants;
029 import com.liferay.portal.model.GroupedModel;
030 import com.liferay.portal.model.Permission;
031 import com.liferay.portal.model.PermissionedModel;
032 import com.liferay.portal.model.Resource;
033 import com.liferay.portal.model.ResourceCode;
034 import com.liferay.portal.model.ResourceConstants;
035 import com.liferay.portal.model.ResourcePermission;
036 import com.liferay.portal.model.Role;
037 import com.liferay.portal.model.RoleConstants;
038 import com.liferay.portal.model.impl.ResourceImpl;
039 import com.liferay.portal.security.permission.PermissionCacheUtil;
040 import com.liferay.portal.security.permission.PermissionThreadLocal;
041 import com.liferay.portal.security.permission.PermissionsListFilter;
042 import com.liferay.portal.security.permission.PermissionsListFilterFactory;
043 import com.liferay.portal.security.permission.ResourceActionsUtil;
044 import com.liferay.portal.service.ServiceContext;
045 import com.liferay.portal.service.base.ResourceLocalServiceBaseImpl;
046 import com.liferay.portal.util.PropsValues;
047 import com.liferay.portal.util.ResourcePermissionsThreadLocal;
048 import com.liferay.portal.util.comparator.ResourceComparator;
049
050 import java.util.Arrays;
051 import java.util.Iterator;
052 import java.util.List;
053
054
061 public class ResourceLocalServiceImpl extends ResourceLocalServiceBaseImpl {
062
063 public void addModelResources(
064 AuditedModel auditedModel, ServiceContext serviceContext)
065 throws PortalException, SystemException {
066
067 ClassedModel classedModel = (ClassedModel)auditedModel;
068
069 if (serviceContext.getAddGroupPermissions() ||
070 serviceContext.getAddGuestPermissions()) {
071
072 addResources(
073 auditedModel.getCompanyId(), getGroupId(auditedModel),
074 auditedModel.getUserId(), classedModel.getModelClassName(),
075 String.valueOf(classedModel.getPrimaryKeyObj()), false,
076 serviceContext.getAddGroupPermissions(),
077 serviceContext.getAddGuestPermissions(),
078 getPermissionedModel(auditedModel));
079 }
080 else {
081 addModelResources(
082 auditedModel.getCompanyId(), getGroupId(auditedModel),
083 auditedModel.getUserId(), classedModel.getModelClassName(),
084 String.valueOf(classedModel.getPrimaryKeyObj()),
085 serviceContext.getGroupPermissions(),
086 serviceContext.getGuestPermissions(),
087 getPermissionedModel(auditedModel));
088 }
089 }
090
091 public void addModelResources(
092 long companyId, long groupId, long userId, String name,
093 long primKey, String[] groupPermissions, String[] guestPermissions)
094 throws PortalException, SystemException {
095
096 addModelResources(
097 companyId, groupId, userId, name, String.valueOf(primKey),
098 groupPermissions, guestPermissions, null);
099 }
100
101 public void addModelResources(
102 long companyId, long groupId, long userId, String name,
103 String primKey, String[] groupPermissions,
104 String[] guestPermissions)
105 throws PortalException, SystemException {
106
107 addModelResources(
108 companyId, groupId, userId, name, primKey, groupPermissions,
109 guestPermissions, null);
110 }
111
112 public Resource addResource(
113 long companyId, String name, int scope, String primKey)
114 throws SystemException {
115
116 if (!PermissionThreadLocal.isAddResource()) {
117 return null;
118 }
119
120 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
121 return addResource_6(companyId, name, scope, primKey);
122 }
123 else {
124 return addResource_1to5(companyId, name, scope, primKey);
125 }
126 }
127
128 public void addResources(
129 long companyId, long groupId, long userId, String name,
130 long primKey, boolean portletActions,
131 boolean addGroupPermissions, boolean addGuestPermissions)
132 throws PortalException, SystemException {
133
134 addResources(
135 companyId, groupId, userId, name, String.valueOf(primKey),
136 portletActions, addGroupPermissions, addGuestPermissions, null);
137 }
138
139 public void addResources(
140 long companyId, long groupId, long userId, String name,
141 String primKey, boolean portletActions,
142 boolean addGroupPermissions, boolean addGuestPermissions)
143 throws PortalException, SystemException {
144
145 addResources(
146 companyId, groupId, userId, name, primKey, portletActions,
147 addGroupPermissions, addGuestPermissions, null);
148 }
149
150 public void addResources(
151 long companyId, long groupId, String name, boolean portletActions)
152 throws PortalException, SystemException {
153
154 addResources(
155 companyId, groupId, 0, name, null, portletActions, false, false);
156 }
157
158 public void deleteResource(AuditedModel auditedModel, int scope)
159 throws PortalException, SystemException {
160
161 ClassedModel classedModel = (ClassedModel)auditedModel;
162
163 deleteResource(
164 auditedModel.getCompanyId(), classedModel.getModelClassName(),
165 scope, String.valueOf(classedModel.getPrimaryKeyObj()),
166 getPermissionedModel(auditedModel));
167 }
168
169 @Override
170 public void deleteResource(long resourceId) throws SystemException {
171 try {
172 Resource resource = resourcePersistence.findByPrimaryKey(
173 resourceId);
174
175 deleteResource(resource);
176 }
177 catch (NoSuchResourceException nsre) {
178 if (_log.isWarnEnabled()) {
179 _log.warn(nsre);
180 }
181 }
182 }
183
184 public void deleteResource(
185 long companyId, String name, int scope, long primKey)
186 throws PortalException, SystemException {
187
188 deleteResource(companyId, name, scope, String.valueOf(primKey), null);
189 }
190
191 public void deleteResource(
192 long companyId, String name, int scope, String primKey)
193 throws PortalException, SystemException {
194
195 deleteResource(companyId, name, scope, primKey, null);
196 }
197
198 @Override
199 public void deleteResource(Resource resource) throws SystemException {
200
201
202
203 List<Permission> permissions = permissionPersistence.findByResourceId(
204 resource.getResourceId());
205
206 for (Permission permission : permissions) {
207 orgGroupPermissionPersistence.removeByPermissionId(
208 permission.getPermissionId());
209 }
210
211 permissionPersistence.removeByResourceId(resource.getResourceId());
212
213
214
215 resourcePersistence.remove(resource);
216 }
217
218 public void deleteResources(String name) throws SystemException {
219 List<Resource> resources = resourceFinder.findByName(name);
220
221 for (Resource resource : resources) {
222 deleteResource(resource);
223 }
224 }
225
226 public Resource fetchResource(
227 long companyId, String name, int scope, String primKey)
228 throws SystemException {
229
230 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
231 return getResource_6(companyId, name, scope, primKey);
232 }
233 else {
234 return fetchResource_1to5(companyId, name, scope, primKey);
235 }
236 }
237
238 public long getLatestResourceId() throws SystemException {
239 List<Resource> resources = resourcePersistence.findAll(
240 0, 1, new ResourceComparator());
241
242 if (resources.size() == 0) {
243 return 0;
244 }
245 else {
246 Resource resource = resources.get(0);
247
248 return resource.getResourceId();
249 }
250 }
251
252 @Override
253 public Resource getResource(long resourceId)
254 throws PortalException, SystemException {
255
256 return resourcePersistence.findByPrimaryKey(resourceId);
257 }
258
259 public Resource getResource(
260 long companyId, String name, int scope, String primKey)
261 throws PortalException, SystemException {
262
263 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
264 return getResource_6(companyId, name, scope, primKey);
265 }
266 else {
267 return getResource_1to5(companyId, name, scope, primKey);
268 }
269 }
270
271 public List<Resource> getResources() throws SystemException {
272 return resourcePersistence.findAll();
273 }
274
275 public void updateModelResources(
276 AuditedModel auditedModel, ServiceContext serviceContext)
277 throws PortalException, SystemException {
278
279 ClassedModel classedModel = (ClassedModel)auditedModel;
280
281 updateResources(
282 auditedModel.getCompanyId(), getGroupId(auditedModel),
283 classedModel.getModelClassName(),
284 String.valueOf(classedModel.getPrimaryKeyObj()),
285 serviceContext.getGroupPermissions(),
286 serviceContext.getGuestPermissions(),
287 getPermissionedModel(auditedModel));
288 }
289
290 public void updateResources(
291 long companyId, long groupId, String name, long primKey,
292 String[] groupPermissions, String[] guestPermissions)
293 throws PortalException, SystemException {
294
295 updateResources(
296 companyId, groupId, name, String.valueOf(primKey), groupPermissions,
297 guestPermissions, null);
298 }
299
300 public void updateResources(
301 long companyId, long groupId, String name, String primKey,
302 String[] groupPermissions, String[] guestPermissions)
303 throws PortalException, SystemException {
304
305 updateResources(
306 companyId, groupId, name, primKey, groupPermissions,
307 guestPermissions, null);
308 }
309
310 public void updateResources(
311 long companyId, String name, int scope, String primKey,
312 String newPrimKey)
313 throws PortalException, SystemException {
314
315 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
316 if (resourceBlockLocalService.isSupported(name)) {
317
318
319
320
321
322 }
323 else {
324 updateResources_6(companyId, name, scope, primKey, newPrimKey);
325 }
326 }
327 else {
328 updateResources_1to5(
329 companyId, name, scope, primKey, newPrimKey);
330 }
331 }
332
333 protected void addGroupPermissions(
334 long companyId, long groupId, long userId, String name,
335 Resource resource, boolean portletActions,
336 PermissionedModel permissionedModel)
337 throws PortalException, SystemException {
338
339 List<String> actions = null;
340
341 if (portletActions) {
342 actions = ResourceActionsUtil.getPortletResourceGroupDefaultActions(
343 name);
344 }
345 else {
346 actions = ResourceActionsUtil.getModelResourceGroupDefaultActions(
347 name);
348 }
349
350 String[] actionIds = actions.toArray(new String[actions.size()]);
351
352 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
353 if (resourceBlockLocalService.isSupported(name)) {
354 addGroupPermissions_6Blocks(
355 groupId, resource, actions, permissionedModel);
356 }
357 else {
358 addGroupPermissions_6(groupId, resource, actionIds);
359 }
360 }
361 else {
362 addGroupPermissions_1to5(
363 companyId, groupId, userId, name, resource, portletActions,
364 actionIds);
365 }
366 }
367
368 protected void addGroupPermissions_1to5(
369 long companyId, long groupId, long userId, String name,
370 Resource resource, boolean portletActions, String[] actionIds)
371 throws PortalException, SystemException {
372
373 long resourceId = resource.getResourceId();
374 String primKey = resource.getPrimKey();
375
376 List<Permission> groupPermissionsList =
377 permissionLocalService.getPermissions(
378 companyId, actionIds, resourceId);
379
380 PermissionsListFilter permissionsListFilter =
381 PermissionsListFilterFactory.getInstance();
382
383 groupPermissionsList =
384 permissionsListFilter.filterGroupPermissions(
385 companyId, groupId, userId, name, primKey, portletActions,
386 groupPermissionsList);
387
388 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
389 Role role = roleLocalService.getDefaultGroupRole(groupId);
390
391 rolePersistence.addPermissions(
392 role.getRoleId(), groupPermissionsList);
393 }
394 else {
395 groupPersistence.addPermissions(groupId, groupPermissionsList);
396 }
397 }
398
399 protected void addGroupPermissions_6(
400 long groupId, Resource resource, String[] actionIds)
401 throws PortalException, SystemException {
402
403 Role role = roleLocalService.getDefaultGroupRole(groupId);
404
405 resourcePermissionLocalService.setResourcePermissions(
406 resource.getCompanyId(), resource.getName(), resource.getScope(),
407 resource.getPrimKey(), role.getRoleId(), actionIds);
408 }
409
410 protected void addGroupPermissions_6Blocks(
411 long groupId, Resource resource, List<String> actionIds,
412 PermissionedModel permissionedModel)
413 throws PortalException, SystemException {
414
415 if (permissionedModel == null) {
416 throw new IllegalArgumentException("Permissioned model is null");
417 }
418
419
420
421 Role role = roleLocalService.getDefaultGroupRole(groupId);
422
423 resourceBlockLocalService.setIndividualScopePermissions(
424 resource.getCompanyId(), groupId, resource.getName(),
425 permissionedModel, role.getRoleId(), actionIds);
426 }
427
428 protected void addGuestPermissions(
429 long companyId, long groupId, long userId, String name,
430 Resource resource, boolean portletActions,
431 PermissionedModel permissionedModel)
432 throws PortalException, SystemException {
433
434 List<String> actions = null;
435
436 if (portletActions) {
437 actions = ResourceActionsUtil.getPortletResourceGuestDefaultActions(
438 name);
439 }
440 else {
441 actions = ResourceActionsUtil.getModelResourceGuestDefaultActions(
442 name);
443 }
444
445 String[] actionIds = actions.toArray(new String[actions.size()]);
446
447 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
448 if (resourceBlockLocalService.isSupported(name)) {
449 addGuestPermissions_6Blocks(
450 companyId, groupId, resource, actions, permissionedModel);
451 }
452 else {
453 addGuestPermissions_6(companyId, resource, actionIds);
454 }
455 }
456 else {
457 addGuestPermissions_1to5(
458 companyId, groupId, userId, name, resource, portletActions,
459 actionIds);
460 }
461 }
462
463 protected void addGuestPermissions_1to5(
464 long companyId, long groupId, long userId, String name,
465 Resource resource, boolean portletActions, String[] actionIds)
466 throws PortalException, SystemException {
467
468 List<Permission> guestPermissionsList =
469 permissionLocalService.getPermissions(
470 companyId, actionIds, resource.getResourceId());
471
472 PermissionsListFilter permissionsListFilter =
473 PermissionsListFilterFactory.getInstance();
474
475 guestPermissionsList =
476 permissionsListFilter.filterGuestPermissions(
477 companyId, groupId, userId, name, resource.getPrimKey(),
478 portletActions, guestPermissionsList);
479
480 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
481 Role guestRole = roleLocalService.getRole(
482 companyId, RoleConstants.GUEST);
483
484 rolePersistence.addPermissions(
485 guestRole.getRoleId(), guestPermissionsList);
486 }
487 else {
488 long defaultUserId = userLocalService.getDefaultUserId(companyId);
489
490 userPersistence.addPermissions(defaultUserId, guestPermissionsList);
491 }
492 }
493
494 protected void addGuestPermissions_6(
495 long companyId, Resource resource, String[] actionIds)
496 throws PortalException, SystemException {
497
498 Role guestRole = roleLocalService.getRole(
499 companyId, RoleConstants.GUEST);
500
501 resourcePermissionLocalService.setResourcePermissions(
502 resource.getCompanyId(), resource.getName(), resource.getScope(),
503 resource.getPrimKey(), guestRole.getRoleId(), actionIds);
504 }
505
506 protected void addGuestPermissions_6Blocks(
507 long companyId, long groupId, Resource resource,
508 List<String> actionIds, PermissionedModel permissionedModel)
509 throws PortalException, SystemException {
510
511 if (permissionedModel == null) {
512 throw new IllegalArgumentException("Permissioned model is null");
513 }
514
515
516
517 Role guestRole = roleLocalService.getRole(
518 companyId, RoleConstants.GUEST);
519
520 resourceBlockLocalService.setIndividualScopePermissions(
521 resource.getCompanyId(), groupId, resource.getName(),
522 permissionedModel, guestRole.getRoleId(), actionIds);
523 }
524
525 protected void addModelResources(
526 long companyId, long groupId, long userId, String name,
527 String primKey, String[] groupPermissions,
528 String[] guestPermissions, PermissionedModel permissionedModel)
529 throws PortalException, SystemException {
530
531 if (!PermissionThreadLocal.isAddResource()) {
532 return;
533 }
534
535 validate(name, false);
536
537
538
539 addResource(
540 companyId, name, ResourceConstants.SCOPE_COMPANY,
541 String.valueOf(companyId));
542
543
544
545 Group guestGroup = groupLocalService.getGroup(
546 companyId, GroupConstants.GUEST);
547
548 addResource(
549 companyId, name, ResourceConstants.SCOPE_GROUP,
550 String.valueOf(guestGroup.getGroupId()));
551
552
553
554 if ((groupId > 0) && (guestGroup.getGroupId() != groupId)) {
555 addResource(
556 companyId, name, ResourceConstants.SCOPE_GROUP,
557 String.valueOf(groupId));
558 }
559
560 if (primKey == null) {
561 return;
562 }
563
564
565
566 Resource resource = addResource(
567 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
568
569
570
571 boolean flushEnabled = PermissionThreadLocal.isFlushEnabled();
572
573 PermissionThreadLocal.setIndexEnabled(false);
574
575 try {
576 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
577 addModelResources_6(
578 companyId, groupId, userId, resource, groupPermissions,
579 guestPermissions, permissionedModel);
580 }
581 else {
582 addModelResources_1to5(
583 companyId, groupId, userId, resource, groupPermissions,
584 guestPermissions);
585 }
586 }
587 finally {
588 PermissionThreadLocal.setIndexEnabled(flushEnabled);
589
590 PermissionCacheUtil.clearCache();
591
592 SearchEngineUtil.updatePermissionFields(name, primKey);
593 }
594 }
595
596 protected void addModelResources_1to5(
597 long companyId, long groupId, long userId, Resource resource,
598 String[] groupPermissions, String[] guestPermissions)
599 throws PortalException, SystemException {
600
601 long defaultUserId = userLocalService.getDefaultUserId(companyId);
602
603 PermissionsListFilter permissionsListFilter =
604 PermissionsListFilterFactory.getInstance();
605
606 List<Permission> permissionsList =
607 permissionLocalService.addPermissions(
608 companyId, resource.getName(), resource.getResourceId(), false);
609
610 List<Permission> userPermissionsList =
611 permissionsListFilter.filterUserPermissions(
612 companyId, groupId, userId, resource.getName(),
613 resource.getPrimKey(), false, permissionsList);
614
615 filterOwnerPermissions(resource.getName(), userPermissionsList);
616
617 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
618
619
620
621 Role ownerRole = roleLocalService.getRole(
622 companyId, RoleConstants.OWNER);
623
624 rolePersistence.addPermissions(
625 ownerRole.getRoleId(), userPermissionsList);
626 }
627 else {
628
629
630
631 if ((userId > 0) && (userId != defaultUserId)) {
632 userPersistence.addPermissions(userId, userPermissionsList);
633 }
634 }
635
636
637
638 if (groupId > 0) {
639 if (groupPermissions == null) {
640 groupPermissions = new String[0];
641 }
642
643 List<Permission> groupPermissionsList =
644 permissionLocalService.getPermissions(
645 companyId, groupPermissions, resource.getResourceId());
646
647 groupPermissionsList =
648 permissionsListFilter.filterGroupPermissions(
649 companyId, groupId, userId, resource.getName(),
650 resource.getPrimKey(), false, groupPermissionsList);
651
652 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
653 Role role = roleLocalService.getDefaultGroupRole(groupId);
654
655 rolePersistence.addPermissions(
656 role.getRoleId(), groupPermissionsList);
657 }
658 else {
659 groupPersistence.addPermissions(
660 groupId, groupPermissionsList);
661 }
662 }
663
664
665
666 if (guestPermissions == null) {
667 guestPermissions = new String[0];
668 }
669
670 List<Permission> guestPermissionsList =
671 permissionLocalService.getPermissions(
672 companyId, guestPermissions, resource.getResourceId());
673
674 guestPermissionsList = permissionsListFilter.filterGuestPermissions(
675 companyId, groupId, userId, resource.getName(),
676 resource.getPrimKey(), false, guestPermissionsList);
677
678 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
679 Role guestRole = roleLocalService.getRole(
680 companyId, RoleConstants.GUEST);
681
682 rolePersistence.addPermissions(
683 guestRole.getRoleId(), guestPermissionsList);
684 }
685 else {
686 userPersistence.addPermissions(defaultUserId, guestPermissionsList);
687 }
688 }
689
690 protected void addModelResources_6(
691 long companyId, long groupId, long userId, Resource resource,
692 String[] groupPermissions, String[] guestPermissions,
693 PermissionedModel permissionedModel)
694 throws PortalException, SystemException {
695
696
697
698 Role ownerRole = roleLocalService.getRole(
699 companyId, RoleConstants.OWNER);
700
701 List<String> ownerActionIds =
702 ResourceActionsUtil.getModelResourceActions(resource.getName());
703
704 ownerActionIds = ListUtil.copy(ownerActionIds);
705
706 filterOwnerActions(resource.getName(), ownerActionIds);
707
708 String[] ownerPermissions =
709 ownerActionIds.toArray(new String[ownerActionIds.size()]);
710
711
712
713 Role defaultGroupRole = null;
714
715 if (groupId > 0) {
716 defaultGroupRole = roleLocalService.getDefaultGroupRole(groupId);
717
718 if (groupPermissions == null) {
719 groupPermissions = new String[0];
720 }
721 }
722
723
724
725 Role guestRole = roleLocalService.getRole(
726 companyId, RoleConstants.GUEST);
727
728 if (guestPermissions == null) {
729 guestPermissions = new String[0];
730 }
731
732 if (resourceBlockLocalService.isSupported(resource.getName())) {
733
734 if (permissionedModel == null) {
735 throw new IllegalArgumentException(
736 "Permissioned model is null");
737 }
738
739
740
741 resourceBlockLocalService.setIndividualScopePermissions(
742 resource.getCompanyId(), groupId, resource.getName(),
743 permissionedModel, ownerRole.getRoleId(), ownerActionIds);
744
745 if (groupId > 0) {
746 resourceBlockLocalService.setIndividualScopePermissions(
747 resource.getCompanyId(), groupId, resource.getName(),
748 permissionedModel, defaultGroupRole.getRoleId(),
749 Arrays.asList(groupPermissions));
750 }
751
752 resourceBlockLocalService.setIndividualScopePermissions(
753 resource.getCompanyId(), groupId, resource.getName(),
754 permissionedModel, guestRole.getRoleId(),
755 Arrays.asList(guestPermissions));
756 }
757 else {
758 resourcePermissionLocalService.setOwnerResourcePermissions(
759 resource.getCompanyId(), resource.getName(),
760 resource.getScope(), resource.getPrimKey(),
761 ownerRole.getRoleId(), userId, ownerPermissions);
762
763 if (groupId > 0) {
764 resourcePermissionLocalService.setResourcePermissions(
765 resource.getCompanyId(), resource.getName(),
766 resource.getScope(), resource.getPrimKey(),
767 defaultGroupRole.getRoleId(), groupPermissions);
768 }
769
770 resourcePermissionLocalService.setResourcePermissions(
771 resource.getCompanyId(), resource.getName(),
772 resource.getScope(), resource.getPrimKey(),
773 guestRole.getRoleId(), guestPermissions);
774 }
775 }
776
777 protected Resource addResource_1to5(
778 long companyId, String name, int scope, String primKey)
779 throws SystemException {
780
781 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
782 companyId, name, scope);
783
784 long codeId = resourceCode.getCodeId();
785
786 Resource resource = resourcePersistence.fetchByC_P(codeId, primKey);
787
788 if (resource == null) {
789 long resourceId = counterLocalService.increment(
790 Resource.class.getName());
791
792 resource = resourcePersistence.create(resourceId);
793
794 resource.setCodeId(codeId);
795 resource.setPrimKey(primKey);
796
797 try {
798 resourcePersistence.update(resource, false);
799 }
800 catch (SystemException se) {
801 if (_log.isWarnEnabled()) {
802 _log.warn(
803 "Add failed, fetch {codeId=" + codeId + ", primKey=" +
804 primKey + "}");
805 }
806
807 resource = resourcePersistence.fetchByC_P(
808 codeId, primKey, false);
809
810 if (resource == null) {
811 throw se;
812 }
813 }
814 }
815
816 return resource;
817 }
818
819 protected Resource addResource_6(
820 long companyId, String name, int scope, String primKey) {
821
822 Resource resource = new ResourceImpl();
823
824 resource.setCompanyId(companyId);
825 resource.setName(name);
826 resource.setScope(scope);
827 resource.setPrimKey(primKey);
828
829 return resource;
830 }
831
832 protected void addResources(
833 long companyId, long groupId, long userId, String name,
834 String primKey, boolean portletActions, boolean addGroupPermissions,
835 boolean addGuestPermissions, PermissionedModel permissionedModel)
836 throws PortalException, SystemException {
837
838 if (!PermissionThreadLocal.isAddResource()) {
839 return;
840 }
841
842 validate(name, portletActions);
843
844
845
846 addResource(
847 companyId, name, ResourceConstants.SCOPE_COMPANY,
848 String.valueOf(companyId));
849
850 if (groupId > 0) {
851 addResource(
852 companyId, name, ResourceConstants.SCOPE_GROUP,
853 String.valueOf(groupId));
854 }
855
856 if (primKey == null) {
857 return;
858 }
859
860
861
862 Resource resource = addResource(
863 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
864
865
866
867 boolean flushEnabled = PermissionThreadLocal.isFlushEnabled();
868
869 PermissionThreadLocal.setIndexEnabled(false);
870
871 List<ResourcePermission> resourcePermissions =
872 resourcePermissionPersistence.findByC_N_S_P(
873 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
874
875 ResourcePermissionsThreadLocal.setResourcePermissions(
876 resourcePermissions);
877
878 try {
879 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
880 addResources_6(
881 companyId, groupId, userId, resource, portletActions,
882 permissionedModel);
883 }
884 else {
885 addResources_1to5(
886 companyId, groupId, userId, resource, portletActions);
887 }
888
889
890
891 if ((groupId > 0) && addGroupPermissions) {
892 addGroupPermissions(
893 companyId, groupId, userId, name, resource, portletActions,
894 permissionedModel);
895 }
896
897
898
899 if (addGuestPermissions) {
900
901
902
903
904 addGuestPermissions(
905 companyId, groupId, userId, name, resource, portletActions,
906 permissionedModel);
907 }
908 }
909 finally {
910 ResourcePermissionsThreadLocal.setResourcePermissions(null);
911
912 PermissionThreadLocal.setIndexEnabled(flushEnabled);
913
914 PermissionCacheUtil.clearCache();
915
916 SearchEngineUtil.updatePermissionFields(name, primKey);
917 }
918 }
919
920 protected void addResources_1to5(
921 long companyId, long groupId, long userId, Resource resource,
922 boolean portletActions)
923 throws PortalException, SystemException {
924
925 List<Permission> permissionsList =
926 permissionLocalService.addPermissions(
927 companyId, resource.getName(), resource.getResourceId(),
928 portletActions);
929
930 PermissionsListFilter permissionsListFilter =
931 PermissionsListFilterFactory.getInstance();
932
933 List<Permission> userPermissionsList =
934 permissionsListFilter.filterUserPermissions(
935 companyId, groupId, userId, resource.getName(),
936 resource.getPrimKey(), portletActions, permissionsList);
937
938 filterOwnerPermissions(resource.getName(), userPermissionsList);
939
940 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
941
942
943
944 Role ownerRole = roleLocalService.getRole(
945 companyId, RoleConstants.OWNER);
946
947 rolePersistence.addPermissions(
948 ownerRole.getRoleId(), userPermissionsList);
949 }
950 else {
951
952
953
954 long defaultUserId = userLocalService.getDefaultUserId(companyId);
955
956 if ((userId > 0) && (userId != defaultUserId)) {
957 userPersistence.addPermissions(userId, userPermissionsList);
958 }
959 }
960 }
961
962 protected void addResources_6(
963 long companyId, long groupId, long userId, Resource resource,
964 boolean portletActions, PermissionedModel permissionedModel)
965 throws PortalException, SystemException {
966
967 List<String> actionIds = null;
968
969 if (portletActions) {
970 actionIds = ResourceActionsUtil.getPortletResourceActions(
971 resource.getName());
972 }
973 else {
974 actionIds = ResourceActionsUtil.getModelResourceActions(
975 resource.getName());
976
977 actionIds = ListUtil.copy(actionIds);
978
979 filterOwnerActions(resource.getName(), actionIds);
980 }
981
982 Role role = roleLocalService.getRole(companyId, RoleConstants.OWNER);
983
984 if (resourceBlockLocalService.isSupported(resource.getName())) {
985 if (permissionedModel == null) {
986 throw new IllegalArgumentException(
987 "Permissioned model is null");
988 }
989
990
991
992 resourceBlockLocalService.setIndividualScopePermissions(
993 resource.getCompanyId(), groupId, resource.getName(),
994 permissionedModel, role.getRoleId(), actionIds);
995 }
996 else {
997 resourcePermissionLocalService.setOwnerResourcePermissions(
998 resource.getCompanyId(), resource.getName(),
999 resource.getScope(), resource.getPrimKey(), role.getRoleId(),
1000 userId, actionIds.toArray(new String[actionIds.size()]));
1001 }
1002 }
1003
1004 protected void deleteResource(
1005 long companyId, String name, int scope, String primKey,
1006 PermissionedModel permissionedModel)
1007 throws PortalException, SystemException{
1008
1009 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
1010 if (resourceBlockLocalService.isSupported(name)) {
1011 if (permissionedModel == null) {
1012 throw new IllegalArgumentException(
1013 "Permissioned model is null");
1014 }
1015
1016 resourceBlockLocalService.releasePermissionedModelResourceBlock(
1017 permissionedModel);
1018
1019 return;
1020 }
1021 else {
1022 resourcePermissionLocalService.deleteResourcePermissions(
1023 companyId, name, scope, primKey);
1024
1025 return;
1026 }
1027 }
1028
1029 try {
1030 Resource resource = getResource(companyId, name, scope, primKey);
1031
1032 deleteResource(resource.getResourceId());
1033 }
1034 catch (NoSuchResourceException nsre) {
1035 if (_log.isWarnEnabled()) {
1036 _log.warn(nsre);
1037 }
1038 }
1039 }
1040
1041 protected Resource fetchResource_1to5(
1042 long companyId, String name, int scope, String primKey)
1043 throws SystemException {
1044
1045 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
1046 companyId, name, scope);
1047
1048 return resourcePersistence.fetchByC_P(
1049 resourceCode.getCodeId(), primKey);
1050 }
1051
1052 protected void filterOwnerActions(String name, List<String> actionIds) {
1053 List<String> defaultOwnerActions =
1054 ResourceActionsUtil.getModelResourceOwnerDefaultActions(name);
1055
1056 if (defaultOwnerActions.isEmpty()) {
1057 return;
1058 }
1059
1060 Iterator<String> itr = actionIds.iterator();
1061
1062 while (itr.hasNext()) {
1063 String actionId = itr.next();
1064
1065 if (!defaultOwnerActions.contains(actionId)) {
1066 itr.remove();
1067 }
1068 }
1069 }
1070
1071 protected void filterOwnerPermissions(
1072 String name, List<Permission> permissions) {
1073
1074 List<String> defaultOwnerActions =
1075 ResourceActionsUtil.getModelResourceOwnerDefaultActions(name);
1076
1077 if (defaultOwnerActions.isEmpty()) {
1078 return;
1079 }
1080
1081 Iterator<Permission> itr = permissions.iterator();
1082
1083 while (itr.hasNext()) {
1084 Permission permission = itr.next();
1085
1086 String actionId = permission.getActionId();
1087
1088 if (!defaultOwnerActions.contains(actionId)) {
1089 itr.remove();
1090 }
1091 }
1092 }
1093
1094 protected long getGroupId(AuditedModel auditedModel) {
1095 long groupId = 0;
1096
1097 if (auditedModel instanceof GroupedModel) {
1098 GroupedModel groupedModel = (GroupedModel)auditedModel;
1099
1100 groupId = groupedModel.getGroupId();
1101 }
1102
1103 return groupId;
1104 }
1105
1106 protected PermissionedModel getPermissionedModel(
1107 AuditedModel auditedModel) {
1108
1109 PermissionedModel permissionedModel = null;
1110
1111 if (auditedModel instanceof PermissionedModel) {
1112 permissionedModel = (PermissionedModel)auditedModel;
1113 }
1114
1115 return permissionedModel;
1116 }
1117
1118 protected Resource getResource_1to5(
1119 long companyId, String name, int scope, String primKey)
1120 throws PortalException, SystemException {
1121
1122 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
1123 companyId, name, scope);
1124
1125 return resourcePersistence.findByC_P(resourceCode.getCodeId(), primKey);
1126 }
1127
1128 protected Resource getResource_6(
1129 long companyId, String name, int scope, String primKey) {
1130
1131 Resource resource = new ResourceImpl();
1132
1133 resource.setCompanyId(companyId);
1134 resource.setName(name);
1135 resource.setScope(scope);
1136 resource.setPrimKey(primKey);
1137
1138 return resource;
1139 }
1140
1141 protected void updateResources(
1142 long companyId, long groupId, String name, String primKey,
1143 String[] groupPermissions, String[] guestPermissions,
1144 PermissionedModel permissionedModel)
1145 throws PortalException, SystemException {
1146
1147 Resource resource = getResource(
1148 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
1149
1150 if (groupPermissions == null) {
1151 groupPermissions = new String[0];
1152 }
1153
1154 if (guestPermissions == null) {
1155 guestPermissions = new String[0];
1156 }
1157
1158 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
1159 if (resourceBlockLocalService.isSupported(name)) {
1160 updateResources_6Blocks(
1161 companyId, groupId, resource, groupPermissions,
1162 guestPermissions, permissionedModel);
1163 }
1164 else {
1165 updateResources_6(
1166 companyId, groupId, resource, groupPermissions,
1167 guestPermissions);
1168 }
1169 }
1170 else {
1171 updateResources_1to5(
1172 companyId, groupId, resource, groupPermissions,
1173 guestPermissions);
1174 }
1175 }
1176
1177 protected void updateResources_1to5(
1178 long companyId, long groupId, Resource resource,
1179 String[] groupPermissions, String[] guestPermissions)
1180 throws PortalException, SystemException {
1181
1182 Role role = roleLocalService.getDefaultGroupRole(groupId);
1183
1184 permissionLocalService.setRolePermissions(
1185 role.getRoleId(), groupPermissions, resource.getResourceId());
1186
1187 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1188
1189 permissionLocalService.setRolePermissions(
1190 role.getRoleId(), guestPermissions, resource.getResourceId());
1191 }
1192
1193 protected void updateResources_1to5(
1194 long companyId, String name, int scope, String primKey,
1195 String newPrimKey)
1196 throws PortalException, SystemException {
1197
1198 Resource resource = getResource(companyId, name, scope, primKey);
1199
1200 resource.setPrimKey(newPrimKey);
1201
1202 resourcePersistence.update(resource, false);
1203 }
1204
1205 protected void updateResources_6(
1206 long companyId, long groupId, Resource resource,
1207 String[] groupPermissions, String[] guestPermissions)
1208 throws PortalException, SystemException {
1209
1210 Role role = roleLocalService.getDefaultGroupRole(groupId);
1211
1212 resourcePermissionLocalService.setResourcePermissions(
1213 resource.getCompanyId(), resource.getName(), resource.getScope(),
1214 resource.getPrimKey(), role.getRoleId(), groupPermissions);
1215
1216 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1217
1218 resourcePermissionLocalService.setResourcePermissions(
1219 resource.getCompanyId(), resource.getName(), resource.getScope(),
1220 resource.getPrimKey(), role.getRoleId(), guestPermissions);
1221 }
1222
1223 protected void updateResources_6(
1224 long companyId, String name, int scope, String primKey,
1225 String newPrimKey)
1226 throws SystemException {
1227
1228 List<ResourcePermission> resourcePermissions =
1229 resourcePermissionLocalService.getResourcePermissions(
1230 companyId, name, scope, primKey);
1231
1232 for (ResourcePermission resourcePermission : resourcePermissions) {
1233 resourcePermission.setPrimKey(newPrimKey);
1234
1235 resourcePermissionPersistence.update(resourcePermission, false);
1236 }
1237 }
1238
1239 protected void updateResources_6Blocks(
1240 long companyId, long groupId, Resource resource,
1241 String[] groupPermissions, String[] guestPermissions,
1242 PermissionedModel permissionedModel)
1243 throws PortalException, SystemException {
1244
1245 if (permissionedModel == null) {
1246 throw new IllegalArgumentException("Permissioned model is null");
1247 }
1248
1249
1250
1251 Role role = roleLocalService.getDefaultGroupRole(groupId);
1252
1253 resourceBlockLocalService.setIndividualScopePermissions(
1254 companyId, groupId, resource.getName(), permissionedModel,
1255 role.getRoleId(), Arrays.asList(groupPermissions));
1256
1257 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1258
1259 resourceBlockLocalService.setIndividualScopePermissions(
1260 companyId, groupId, resource.getName(), permissionedModel,
1261 role.getRoleId(), Arrays.asList(guestPermissions));
1262 }
1263
1264 protected void validate(String name, boolean portletActions)
1265 throws PortalException {
1266
1267 List<String> actions = null;
1268
1269 if (portletActions) {
1270 actions = ResourceActionsUtil.getPortletResourceActions(name);
1271 }
1272 else {
1273 actions = ResourceActionsUtil.getModelResourceActions(name);
1274 }
1275
1276 if (actions.size() == 0) {
1277 throw new ResourceActionsException(
1278 "There are no actions associated with the resource " + name);
1279 }
1280 }
1281
1282 private static Log _log = LogFactoryUtil.getLog(
1283 ResourceLocalServiceImpl.class);
1284
1285 }