001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.permission;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.kernel.log.Log;
020    import com.liferay.portal.kernel.log.LogFactoryUtil;
021    import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
022    import com.liferay.portal.model.Group;
023    import com.liferay.portal.model.Layout;
024    import com.liferay.portal.model.LayoutTypePortlet;
025    import com.liferay.portal.model.Portlet;
026    import com.liferay.portal.model.PortletConstants;
027    import com.liferay.portal.model.impl.VirtualLayout;
028    import com.liferay.portal.security.auth.PrincipalException;
029    import com.liferay.portal.security.permission.ActionKeys;
030    import com.liferay.portal.security.permission.PermissionChecker;
031    import com.liferay.portal.security.permission.ResourceActionsUtil;
032    import com.liferay.portal.service.LayoutLocalServiceUtil;
033    import com.liferay.portal.service.PortletLocalServiceUtil;
034    import com.liferay.portal.util.PropsValues;
035    import com.liferay.portlet.sites.util.SitesUtil;
036    
037    import java.util.Collection;
038    import java.util.List;
039    
040    /**
041     * @author Brian Wing Shun Chan
042     * @author Raymond Augé
043     */
044    public class PortletPermissionImpl implements PortletPermission {
045    
046            public static final boolean DEFAULT_STRICT = false;
047    
048            public void check(
049                            PermissionChecker permissionChecker, Layout layout,
050                            String portletId, String actionId)
051                    throws PortalException, SystemException {
052    
053                    if (!contains(
054                                    permissionChecker, 0, layout, portletId, actionId,
055                                    DEFAULT_STRICT)) {
056    
057                            throw new PrincipalException();
058                    }
059            }
060    
061            public void check(
062                            PermissionChecker permissionChecker, Layout layout,
063                            String portletId, String actionId, boolean strict)
064                    throws PortalException, SystemException {
065    
066                    if (!contains(
067                                    permissionChecker, 0, layout, portletId, actionId, strict)) {
068    
069                            throw new PrincipalException();
070                    }
071            }
072    
073            public void check(
074                            PermissionChecker permissionChecker, long groupId, Layout layout,
075                            String portletId, String actionId)
076                    throws PortalException, SystemException {
077    
078                    if (!contains(
079                                    permissionChecker, groupId, layout, portletId, actionId,
080                                    DEFAULT_STRICT)) {
081    
082                            throw new PrincipalException();
083                    }
084            }
085    
086            public void check(
087                            PermissionChecker permissionChecker, long groupId, Layout layout,
088                            String portletId, String actionId, boolean strict)
089                    throws PortalException, SystemException {
090    
091                    if (!contains(
092                                    permissionChecker, groupId, layout, portletId, actionId,
093                                    strict)) {
094    
095                            throw new PrincipalException();
096                    }
097            }
098    
099            public void check(
100                            PermissionChecker permissionChecker, long groupId, long plid,
101                            String portletId, String actionId)
102                    throws PortalException, SystemException {
103    
104                    check(
105                            permissionChecker, groupId, plid, portletId, actionId,
106                            DEFAULT_STRICT);
107            }
108    
109            public void check(
110                            PermissionChecker permissionChecker, long groupId, long plid,
111                            String portletId, String actionId, boolean strict)
112                    throws PortalException, SystemException {
113    
114                    if (!contains(
115                                    permissionChecker, groupId, plid, portletId, actionId,
116                                    strict)) {
117    
118                            throw new PrincipalException();
119                    }
120            }
121    
122            public void check(
123                            PermissionChecker permissionChecker, long plid, String portletId,
124                            String actionId)
125                    throws PortalException, SystemException {
126    
127                    check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
128            }
129    
130            public void check(
131                            PermissionChecker permissionChecker, long plid, String portletId,
132                            String actionId, boolean strict)
133                    throws PortalException, SystemException {
134    
135                    if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
136                            throw new PrincipalException();
137                    }
138            }
139    
140            public void check(
141                            PermissionChecker permissionChecker, String portletId,
142                            String actionId)
143                    throws PortalException, SystemException {
144    
145                    if (!contains(permissionChecker, portletId, actionId)) {
146                            throw new PrincipalException();
147                    }
148            }
149    
150            public boolean contains(
151                            PermissionChecker permissionChecker, Layout layout, Portlet portlet,
152                            String actionId)
153                    throws PortalException, SystemException {
154    
155                    return contains(
156                            permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
157            }
158    
159            public boolean contains(
160                            PermissionChecker permissionChecker, Layout layout, Portlet portlet,
161                            String actionId, boolean strict)
162                    throws PortalException, SystemException {
163    
164                    return contains(
165                            permissionChecker, 0, layout, portlet, actionId, strict);
166            }
167    
168            public boolean contains(
169                            PermissionChecker permissionChecker, Layout layout,
170                            String portletId, String actionId)
171                    throws PortalException, SystemException {
172    
173                    return contains(
174                            permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
175            }
176    
177            public boolean contains(
178                            PermissionChecker permissionChecker, Layout layout,
179                            String portletId, String actionId, boolean strict)
180                    throws PortalException, SystemException {
181    
182                    return contains(
183                            permissionChecker, 0, layout, portletId, actionId, strict);
184            }
185    
186            public boolean contains(
187                            PermissionChecker permissionChecker, long groupId, Layout layout,
188                            Portlet portlet, String actionId)
189                    throws PortalException, SystemException {
190    
191                    return contains(
192                            permissionChecker, groupId, layout, portlet, actionId,
193                            DEFAULT_STRICT);
194            }
195    
196            public boolean contains(
197                            PermissionChecker permissionChecker, long groupId, Layout layout,
198                            Portlet portlet, String actionId, boolean strict)
199                    throws PortalException, SystemException {
200    
201                    if (portlet.isUndeployedPortlet()) {
202                            return false;
203                    }
204    
205                    boolean value = contains(
206                            permissionChecker, groupId, layout, portlet.getPortletId(),
207                            actionId, strict);
208    
209                    if (value) {
210                            return true;
211                    }
212                    else {
213                            if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
214                                    return true;
215                            }
216                            else {
217                                    return false;
218                            }
219                    }
220            }
221    
222            public boolean contains(
223                            PermissionChecker permissionChecker, long groupId, Layout layout,
224                            String portletId, String actionId)
225                    throws PortalException, SystemException {
226    
227                    return contains(
228                            permissionChecker, groupId, layout, portletId, actionId,
229                            DEFAULT_STRICT);
230            }
231    
232            public boolean contains(
233                            PermissionChecker permissionChecker, long groupId, Layout layout,
234                            String portletId, String actionId, boolean strict)
235                    throws PortalException, SystemException {
236    
237                    String name = null;
238                    String primKey = null;
239    
240                    if (layout == null) {
241                            name = portletId;
242                            primKey = portletId;
243    
244                            return permissionChecker.hasPermission(
245                                    groupId, name, primKey, actionId);
246                    }
247    
248                    Group group = layout.getGroup();
249    
250                    groupId = group.getGroupId();
251    
252                    name = PortletConstants.getRootPortletId(portletId);
253                    primKey = getPrimaryKey(layout.getPlid(), portletId);
254    
255                    if (!actionId.equals(ActionKeys.VIEW) &&
256                            (layout instanceof VirtualLayout)) {
257    
258                            return hasCustomizePermission(
259                                    permissionChecker, layout, portletId, actionId);
260                    }
261    
262                    if (!group.isLayoutSetPrototype() &&
263                            !SitesUtil.isLayoutUpdateable(layout) &&
264                            actionId.equals(ActionKeys.CONFIGURATION)) {
265    
266                            return false;
267                    }
268    
269                    Boolean hasPermission = StagingPermissionUtil.hasPermission(
270                            permissionChecker, groupId, name, groupId, name, actionId);
271    
272                    if (hasPermission != null) {
273                            return hasPermission.booleanValue();
274                    }
275    
276                    if ((layout.isPrivateLayout() &&
277                             !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
278                            (layout.isPublicLayout() &&
279                             !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
280    
281                            if (actionId.equals(ActionKeys.CONFIGURATION) && group.isUser()) {
282                                    return false;
283                            }
284                    }
285    
286                    if (actionId.equals(ActionKeys.VIEW) && group.isControlPanel()) {
287                            return true;
288                    }
289    
290                    if (strict) {
291                            return permissionChecker.hasPermission(
292                                    groupId, name, primKey, actionId);
293                    }
294    
295                    if (hasConfigurePermission(
296                                    permissionChecker, layout, portletId, actionId) ||
297                            hasCustomizePermission(
298                                    permissionChecker, layout, portletId, actionId)) {
299    
300                            return true;
301                    }
302    
303                    return permissionChecker.hasPermission(
304                            groupId, name, primKey, actionId);
305            }
306    
307            public boolean contains(
308                    PermissionChecker permissionChecker, long groupId, long plid,
309                    Collection<Portlet> portlets, String actionId) {
310    
311                    for (Portlet portlet : portlets) {
312                            if (permissionChecker.hasPermission(
313                                            groupId, portlet.getPortletId(), portlet.getPortletId(),
314                                            ActionKeys.ACCESS_IN_CONTROL_PANEL)) {
315    
316                                    return true;
317                            }
318                    }
319    
320                    return false;
321            }
322    
323            public boolean contains(
324                            PermissionChecker permissionChecker, long groupId, long plid,
325                            Portlet portlet, String actionId)
326                    throws PortalException, SystemException {
327    
328                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
329    
330                    return contains(
331                            permissionChecker, groupId, layout, portlet, actionId,
332                            DEFAULT_STRICT);
333            }
334    
335            public boolean contains(
336                            PermissionChecker permissionChecker, long groupId, long plid,
337                            Portlet portlet, String actionId, boolean strict)
338                    throws PortalException, SystemException {
339    
340                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
341    
342                    return contains(
343                            permissionChecker, groupId, layout, portlet, actionId, strict);
344            }
345    
346            public boolean contains(
347                            PermissionChecker permissionChecker, long groupId, long plid,
348                            String portletId, String actionId)
349                    throws PortalException, SystemException {
350    
351                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
352    
353                    return contains(
354                            permissionChecker, groupId, layout, portletId, actionId,
355                            DEFAULT_STRICT);
356            }
357    
358            public boolean contains(
359                            PermissionChecker permissionChecker, long groupId, long plid,
360                            String portletId, String actionId, boolean strict)
361                    throws PortalException, SystemException {
362    
363                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
364    
365                    return contains(
366                            permissionChecker, groupId, layout, portletId, actionId, strict);
367            }
368    
369            public boolean contains(
370                            PermissionChecker permissionChecker, long plid, Portlet portlet,
371                            String actionId)
372                    throws PortalException, SystemException {
373    
374                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
375    
376                    return contains(
377                            permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
378            }
379    
380            public boolean contains(
381                            PermissionChecker permissionChecker, long plid, Portlet portlet,
382                            String actionId, boolean strict)
383                    throws PortalException, SystemException {
384    
385                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
386    
387                    return contains(
388                            permissionChecker, 0, layout, portlet, actionId, strict);
389            }
390    
391            public boolean contains(
392                            PermissionChecker permissionChecker, long plid, String portletId,
393                            String actionId)
394                    throws PortalException, SystemException {
395    
396                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
397    
398                    return contains(
399                            permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
400            }
401    
402            public boolean contains(
403                            PermissionChecker permissionChecker, long plid, String portletId,
404                            String actionId, boolean strict)
405                    throws PortalException, SystemException {
406    
407                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
408    
409                    return contains(
410                            permissionChecker, 0, layout, portletId, actionId, strict);
411            }
412    
413            public boolean contains(
414                            PermissionChecker permissionChecker, String portletId,
415                            String actionId)
416                    throws PortalException, SystemException {
417    
418                    return contains(permissionChecker, 0, portletId, actionId);
419            }
420    
421            public String getPrimaryKey(long plid, String portletId) {
422                    return String.valueOf(plid).concat(
423                            PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
424            }
425    
426            public boolean hasLayoutManagerPermission(
427                    String portletId, String actionId) {
428    
429                    try {
430                            portletId = PortletConstants.getRootPortletId(portletId);
431    
432                            List<String> layoutManagerActions =
433                                    ResourceActionsUtil.getPortletResourceLayoutManagerActions(
434                                            portletId);
435    
436                            return layoutManagerActions.contains(actionId);
437                    }
438                    catch (Exception e) {
439                            _log.error(e, e);
440    
441                            return false;
442                    }
443            }
444    
445            protected boolean hasConfigurePermission(
446                            PermissionChecker permissionChecker, Layout layout,
447                            String portletId, String actionId)
448                    throws PortalException, SystemException {
449    
450                    if (!actionId.equals(ActionKeys.CONFIGURATION)) {
451                            return false;
452                    }
453    
454                    Portlet portlet = PortletLocalServiceUtil.getPortletById(
455                            layout.getCompanyId(), portletId);
456    
457                    if (portlet.isPreferencesUniquePerLayout()) {
458                            return LayoutPermissionUtil.contains(
459                                    permissionChecker, layout, ActionKeys.CONFIGURE_PORTLETS);
460                    }
461    
462                    return GroupPermissionUtil.contains(
463                            permissionChecker, layout.getGroupId(),
464                            ActionKeys.CONFIGURE_PORTLETS);
465            }
466    
467            protected boolean hasCustomizePermission(
468                            PermissionChecker permissionChecker, Layout layout,
469                            String portletId, String actionId)
470                    throws PortalException, SystemException {
471    
472                    LayoutTypePortlet layoutTypePortlet =
473                            (LayoutTypePortlet)layout.getLayoutType();
474    
475                    if (layoutTypePortlet.isCustomizedView() &&
476                            layoutTypePortlet.isPortletCustomizable(portletId) &&
477                            LayoutPermissionUtil.contains(
478                                    permissionChecker, layout, ActionKeys.CUSTOMIZE)) {
479    
480                            if (actionId.equals(ActionKeys.VIEW)) {
481                                    return true;
482                            }
483                            else if (actionId.equals(ActionKeys.CONFIGURATION)) {
484                                    Portlet portlet = PortletLocalServiceUtil.getPortletById(
485                                            layout.getCompanyId(), portletId);
486    
487                                    if (portlet.isPreferencesUniquePerLayout()) {
488                                            return true;
489                                    }
490                            }
491                    }
492    
493                    return false;
494            }
495    
496            private static Log _log = LogFactoryUtil.getLog(
497                    PortletPermissionImpl.class);
498    
499    }