001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.NoSuchResourceException;
018 import com.liferay.portal.ResourceActionsException;
019 import com.liferay.portal.kernel.exception.PortalException;
020 import com.liferay.portal.kernel.exception.SystemException;
021 import com.liferay.portal.kernel.log.Log;
022 import com.liferay.portal.kernel.log.LogFactoryUtil;
023 import com.liferay.portal.kernel.search.SearchEngineUtil;
024 import com.liferay.portal.kernel.util.ListUtil;
025 import com.liferay.portal.model.AuditedModel;
026 import com.liferay.portal.model.ClassedModel;
027 import com.liferay.portal.model.Group;
028 import com.liferay.portal.model.GroupConstants;
029 import com.liferay.portal.model.GroupedModel;
030 import com.liferay.portal.model.Permission;
031 import com.liferay.portal.model.PermissionedModel;
032 import com.liferay.portal.model.Resource;
033 import com.liferay.portal.model.ResourceCode;
034 import com.liferay.portal.model.ResourceConstants;
035 import com.liferay.portal.model.ResourcePermission;
036 import com.liferay.portal.model.Role;
037 import com.liferay.portal.model.RoleConstants;
038 import com.liferay.portal.model.impl.ResourceImpl;
039 import com.liferay.portal.security.permission.PermissionCacheUtil;
040 import com.liferay.portal.security.permission.PermissionThreadLocal;
041 import com.liferay.portal.security.permission.PermissionsListFilter;
042 import com.liferay.portal.security.permission.PermissionsListFilterFactory;
043 import com.liferay.portal.security.permission.ResourceActionsUtil;
044 import com.liferay.portal.service.ServiceContext;
045 import com.liferay.portal.service.base.ResourceLocalServiceBaseImpl;
046 import com.liferay.portal.util.PropsValues;
047 import com.liferay.portal.util.ResourcePermissionsThreadLocal;
048 import com.liferay.portal.util.comparator.ResourceComparator;
049
050 import java.util.Arrays;
051 import java.util.Iterator;
052 import java.util.List;
053
054
061 public class ResourceLocalServiceImpl extends ResourceLocalServiceBaseImpl {
062
063 public void addModelResources(
064 AuditedModel auditedModel, ServiceContext serviceContext)
065 throws PortalException, SystemException {
066
067 ClassedModel classedModel = (ClassedModel)auditedModel;
068
069 if (serviceContext.isAddGroupPermissions() ||
070 serviceContext.isAddGuestPermissions()) {
071
072 addResources(
073 auditedModel.getCompanyId(), getGroupId(auditedModel),
074 auditedModel.getUserId(), classedModel.getModelClassName(),
075 String.valueOf(classedModel.getPrimaryKeyObj()), false,
076 serviceContext.isAddGroupPermissions(),
077 serviceContext.isAddGuestPermissions(),
078 getPermissionedModel(auditedModel));
079 }
080 else {
081 if (serviceContext.isDeriveDefaultPermissions()) {
082 serviceContext.deriveDefaultPermissions(
083 getGroupId(auditedModel), classedModel.getModelClassName());
084 }
085
086 addModelResources(
087 auditedModel.getCompanyId(), getGroupId(auditedModel),
088 auditedModel.getUserId(), classedModel.getModelClassName(),
089 String.valueOf(classedModel.getPrimaryKeyObj()),
090 serviceContext.getGroupPermissions(),
091 serviceContext.getGuestPermissions(),
092 getPermissionedModel(auditedModel));
093 }
094 }
095
096 public void addModelResources(
097 long companyId, long groupId, long userId, String name,
098 long primKey, String[] groupPermissions, String[] guestPermissions)
099 throws PortalException, SystemException {
100
101 addModelResources(
102 companyId, groupId, userId, name, String.valueOf(primKey),
103 groupPermissions, guestPermissions, null);
104 }
105
106 public void addModelResources(
107 long companyId, long groupId, long userId, String name,
108 String primKey, String[] groupPermissions,
109 String[] guestPermissions)
110 throws PortalException, SystemException {
111
112 addModelResources(
113 companyId, groupId, userId, name, primKey, groupPermissions,
114 guestPermissions, null);
115 }
116
117 public Resource addResource(
118 long companyId, String name, int scope, String primKey)
119 throws SystemException {
120
121 if (!PermissionThreadLocal.isAddResource()) {
122 return null;
123 }
124
125 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
126 return addResource_6(companyId, name, scope, primKey);
127 }
128 else {
129 return addResource_1to5(companyId, name, scope, primKey);
130 }
131 }
132
133 public void addResources(
134 long companyId, long groupId, long userId, String name,
135 long primKey, boolean portletActions,
136 boolean addGroupPermissions, boolean addGuestPermissions)
137 throws PortalException, SystemException {
138
139 addResources(
140 companyId, groupId, userId, name, String.valueOf(primKey),
141 portletActions, addGroupPermissions, addGuestPermissions, null);
142 }
143
144 public void addResources(
145 long companyId, long groupId, long userId, String name,
146 String primKey, boolean portletActions,
147 boolean addGroupPermissions, boolean addGuestPermissions)
148 throws PortalException, SystemException {
149
150 addResources(
151 companyId, groupId, userId, name, primKey, portletActions,
152 addGroupPermissions, addGuestPermissions, null);
153 }
154
155 public void addResources(
156 long companyId, long groupId, String name, boolean portletActions)
157 throws PortalException, SystemException {
158
159 addResources(
160 companyId, groupId, 0, name, null, portletActions, false, false);
161 }
162
163 public void deleteResource(AuditedModel auditedModel, int scope)
164 throws PortalException, SystemException {
165
166 ClassedModel classedModel = (ClassedModel)auditedModel;
167
168 deleteResource(
169 auditedModel.getCompanyId(), classedModel.getModelClassName(),
170 scope, String.valueOf(classedModel.getPrimaryKeyObj()),
171 getPermissionedModel(auditedModel));
172 }
173
174 @Override
175 public void deleteResource(long resourceId) throws SystemException {
176 try {
177 Resource resource = resourcePersistence.findByPrimaryKey(
178 resourceId);
179
180 deleteResource(resource);
181 }
182 catch (NoSuchResourceException nsre) {
183 if (_log.isWarnEnabled()) {
184 _log.warn(nsre);
185 }
186 }
187 }
188
189 public void deleteResource(
190 long companyId, String name, int scope, long primKey)
191 throws PortalException, SystemException {
192
193 deleteResource(companyId, name, scope, String.valueOf(primKey), null);
194 }
195
196 public void deleteResource(
197 long companyId, String name, int scope, String primKey)
198 throws PortalException, SystemException {
199
200 deleteResource(companyId, name, scope, primKey, null);
201 }
202
203 @Override
204 public void deleteResource(Resource resource) throws SystemException {
205
206
207
208 List<Permission> permissions = permissionPersistence.findByResourceId(
209 resource.getResourceId());
210
211 for (Permission permission : permissions) {
212 orgGroupPermissionPersistence.removeByPermissionId(
213 permission.getPermissionId());
214 }
215
216 permissionPersistence.removeByResourceId(resource.getResourceId());
217
218
219
220 resourcePersistence.remove(resource);
221 }
222
223 public void deleteResources(String name) throws SystemException {
224 List<Resource> resources = resourceFinder.findByName(name);
225
226 for (Resource resource : resources) {
227 deleteResource(resource);
228 }
229 }
230
231 public Resource fetchResource(
232 long companyId, String name, int scope, String primKey)
233 throws SystemException {
234
235 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
236 return getResource_6(companyId, name, scope, primKey);
237 }
238 else {
239 return fetchResource_1to5(companyId, name, scope, primKey);
240 }
241 }
242
243 public long getLatestResourceId() throws SystemException {
244 List<Resource> resources = resourcePersistence.findAll(
245 0, 1, new ResourceComparator());
246
247 if (resources.size() == 0) {
248 return 0;
249 }
250 else {
251 Resource resource = resources.get(0);
252
253 return resource.getResourceId();
254 }
255 }
256
257 @Override
258 public Resource getResource(long resourceId)
259 throws PortalException, SystemException {
260
261 return resourcePersistence.findByPrimaryKey(resourceId);
262 }
263
264 public Resource getResource(
265 long companyId, String name, int scope, String primKey)
266 throws PortalException, SystemException {
267
268 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
269 return getResource_6(companyId, name, scope, primKey);
270 }
271 else {
272 return getResource_1to5(companyId, name, scope, primKey);
273 }
274 }
275
276 public List<Resource> getResources() throws SystemException {
277 return resourcePersistence.findAll();
278 }
279
280 public void updateModelResources(
281 AuditedModel auditedModel, ServiceContext serviceContext)
282 throws PortalException, SystemException {
283
284 ClassedModel classedModel = (ClassedModel)auditedModel;
285
286 updateResources(
287 auditedModel.getCompanyId(), getGroupId(auditedModel),
288 classedModel.getModelClassName(),
289 String.valueOf(classedModel.getPrimaryKeyObj()),
290 serviceContext.getGroupPermissions(),
291 serviceContext.getGuestPermissions(),
292 getPermissionedModel(auditedModel));
293 }
294
295 public void updateResources(
296 long companyId, long groupId, String name, long primKey,
297 String[] groupPermissions, String[] guestPermissions)
298 throws PortalException, SystemException {
299
300 updateResources(
301 companyId, groupId, name, String.valueOf(primKey), groupPermissions,
302 guestPermissions, null);
303 }
304
305 public void updateResources(
306 long companyId, long groupId, String name, String primKey,
307 String[] groupPermissions, String[] guestPermissions)
308 throws PortalException, SystemException {
309
310 updateResources(
311 companyId, groupId, name, primKey, groupPermissions,
312 guestPermissions, null);
313 }
314
315 public void updateResources(
316 long companyId, String name, int scope, String primKey,
317 String newPrimKey)
318 throws PortalException, SystemException {
319
320 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
321 if (resourceBlockLocalService.isSupported(name)) {
322
323
324
325
326
327 }
328 else {
329 updateResources_6(companyId, name, scope, primKey, newPrimKey);
330 }
331 }
332 else {
333 updateResources_1to5(companyId, name, scope, primKey, newPrimKey);
334 }
335 }
336
337 protected void addGroupPermissions(
338 long companyId, long groupId, long userId, String name,
339 Resource resource, boolean portletActions,
340 PermissionedModel permissionedModel)
341 throws PortalException, SystemException {
342
343 List<String> actions = null;
344
345 if (portletActions) {
346 actions = ResourceActionsUtil.getPortletResourceGroupDefaultActions(
347 name);
348 }
349 else {
350 actions = ResourceActionsUtil.getModelResourceGroupDefaultActions(
351 name);
352 }
353
354 String[] actionIds = actions.toArray(new String[actions.size()]);
355
356 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
357 if (resourceBlockLocalService.isSupported(name)) {
358 addGroupPermissions_6Blocks(
359 groupId, resource, actions, permissionedModel);
360 }
361 else {
362 addGroupPermissions_6(groupId, resource, actionIds);
363 }
364 }
365 else {
366 addGroupPermissions_1to5(
367 companyId, groupId, userId, name, resource, portletActions,
368 actionIds);
369 }
370 }
371
372 protected void addGroupPermissions_1to5(
373 long companyId, long groupId, long userId, String name,
374 Resource resource, boolean portletActions, String[] actionIds)
375 throws PortalException, SystemException {
376
377 long resourceId = resource.getResourceId();
378 String primKey = resource.getPrimKey();
379
380 List<Permission> groupPermissionsList =
381 permissionLocalService.getPermissions(
382 companyId, actionIds, resourceId);
383
384 PermissionsListFilter permissionsListFilter =
385 PermissionsListFilterFactory.getInstance();
386
387 groupPermissionsList =
388 permissionsListFilter.filterGroupPermissions(
389 companyId, groupId, userId, name, primKey, portletActions,
390 groupPermissionsList);
391
392 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
393 Role role = roleLocalService.getDefaultGroupRole(groupId);
394
395 rolePersistence.addPermissions(
396 role.getRoleId(), groupPermissionsList);
397 }
398 else {
399 groupPersistence.addPermissions(groupId, groupPermissionsList);
400 }
401 }
402
403 protected void addGroupPermissions_6(
404 long groupId, Resource resource, String[] actionIds)
405 throws PortalException, SystemException {
406
407 Role role = roleLocalService.getDefaultGroupRole(groupId);
408
409 resourcePermissionLocalService.setResourcePermissions(
410 resource.getCompanyId(), resource.getName(), resource.getScope(),
411 resource.getPrimKey(), role.getRoleId(), actionIds);
412 }
413
414 protected void addGroupPermissions_6Blocks(
415 long groupId, Resource resource, List<String> actionIds,
416 PermissionedModel permissionedModel)
417 throws PortalException, SystemException {
418
419 if (permissionedModel == null) {
420 throw new IllegalArgumentException("Permissioned model is null");
421 }
422
423
424
425 Role role = roleLocalService.getDefaultGroupRole(groupId);
426
427 resourceBlockLocalService.setIndividualScopePermissions(
428 resource.getCompanyId(), groupId, resource.getName(),
429 permissionedModel, role.getRoleId(), actionIds);
430 }
431
432 protected void addGuestPermissions(
433 long companyId, long groupId, long userId, String name,
434 Resource resource, boolean portletActions,
435 PermissionedModel permissionedModel)
436 throws PortalException, SystemException {
437
438 List<String> actions = null;
439
440 if (portletActions) {
441 actions = ResourceActionsUtil.getPortletResourceGuestDefaultActions(
442 name);
443 }
444 else {
445 actions = ResourceActionsUtil.getModelResourceGuestDefaultActions(
446 name);
447 }
448
449 String[] actionIds = actions.toArray(new String[actions.size()]);
450
451 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
452 if (resourceBlockLocalService.isSupported(name)) {
453 addGuestPermissions_6Blocks(
454 companyId, groupId, resource, actions, permissionedModel);
455 }
456 else {
457 addGuestPermissions_6(companyId, resource, actionIds);
458 }
459 }
460 else {
461 addGuestPermissions_1to5(
462 companyId, groupId, userId, name, resource, portletActions,
463 actionIds);
464 }
465 }
466
467 protected void addGuestPermissions_1to5(
468 long companyId, long groupId, long userId, String name,
469 Resource resource, boolean portletActions, String[] actionIds)
470 throws PortalException, SystemException {
471
472 List<Permission> guestPermissionsList =
473 permissionLocalService.getPermissions(
474 companyId, actionIds, resource.getResourceId());
475
476 PermissionsListFilter permissionsListFilter =
477 PermissionsListFilterFactory.getInstance();
478
479 guestPermissionsList =
480 permissionsListFilter.filterGuestPermissions(
481 companyId, groupId, userId, name, resource.getPrimKey(),
482 portletActions, guestPermissionsList);
483
484 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
485 Role guestRole = roleLocalService.getRole(
486 companyId, RoleConstants.GUEST);
487
488 rolePersistence.addPermissions(
489 guestRole.getRoleId(), guestPermissionsList);
490 }
491 else {
492 long defaultUserId = userLocalService.getDefaultUserId(companyId);
493
494 userPersistence.addPermissions(defaultUserId, guestPermissionsList);
495 }
496 }
497
498 protected void addGuestPermissions_6(
499 long companyId, Resource resource, String[] actionIds)
500 throws PortalException, SystemException {
501
502 Role guestRole = roleLocalService.getRole(
503 companyId, RoleConstants.GUEST);
504
505 resourcePermissionLocalService.setResourcePermissions(
506 resource.getCompanyId(), resource.getName(), resource.getScope(),
507 resource.getPrimKey(), guestRole.getRoleId(), actionIds);
508 }
509
510 protected void addGuestPermissions_6Blocks(
511 long companyId, long groupId, Resource resource,
512 List<String> actionIds, PermissionedModel permissionedModel)
513 throws PortalException, SystemException {
514
515 if (permissionedModel == null) {
516 throw new IllegalArgumentException("Permissioned model is null");
517 }
518
519
520
521 Role guestRole = roleLocalService.getRole(
522 companyId, RoleConstants.GUEST);
523
524 resourceBlockLocalService.setIndividualScopePermissions(
525 resource.getCompanyId(), groupId, resource.getName(),
526 permissionedModel, guestRole.getRoleId(), actionIds);
527 }
528
529 protected void addModelResources(
530 long companyId, long groupId, long userId, String name,
531 String primKey, String[] groupPermissions,
532 String[] guestPermissions, PermissionedModel permissionedModel)
533 throws PortalException, SystemException {
534
535 if (!PermissionThreadLocal.isAddResource()) {
536 return;
537 }
538
539 validate(name, false);
540
541
542
543 addResource(
544 companyId, name, ResourceConstants.SCOPE_COMPANY,
545 String.valueOf(companyId));
546
547
548
549 Group guestGroup = groupLocalService.getGroup(
550 companyId, GroupConstants.GUEST);
551
552 addResource(
553 companyId, name, ResourceConstants.SCOPE_GROUP,
554 String.valueOf(guestGroup.getGroupId()));
555
556
557
558 if ((groupId > 0) && (guestGroup.getGroupId() != groupId)) {
559 addResource(
560 companyId, name, ResourceConstants.SCOPE_GROUP,
561 String.valueOf(groupId));
562 }
563
564 if (primKey == null) {
565 return;
566 }
567
568
569
570 Resource resource = addResource(
571 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
572
573
574
575 boolean flushEnabled = PermissionThreadLocal.isFlushEnabled();
576
577 PermissionThreadLocal.setIndexEnabled(false);
578
579 try {
580 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
581 addModelResources_6(
582 companyId, groupId, userId, resource, groupPermissions,
583 guestPermissions, permissionedModel);
584 }
585 else {
586 addModelResources_1to5(
587 companyId, groupId, userId, resource, groupPermissions,
588 guestPermissions);
589 }
590 }
591 finally {
592 PermissionThreadLocal.setIndexEnabled(flushEnabled);
593
594 PermissionCacheUtil.clearCache();
595
596 SearchEngineUtil.updatePermissionFields(name, primKey);
597 }
598 }
599
600 protected void addModelResources_1to5(
601 long companyId, long groupId, long userId, Resource resource,
602 String[] groupPermissions, String[] guestPermissions)
603 throws PortalException, SystemException {
604
605 long defaultUserId = userLocalService.getDefaultUserId(companyId);
606
607 PermissionsListFilter permissionsListFilter =
608 PermissionsListFilterFactory.getInstance();
609
610 List<Permission> permissionsList =
611 permissionLocalService.addPermissions(
612 companyId, resource.getName(), resource.getResourceId(), false);
613
614 List<Permission> userPermissionsList =
615 permissionsListFilter.filterUserPermissions(
616 companyId, groupId, userId, resource.getName(),
617 resource.getPrimKey(), false, permissionsList);
618
619 filterOwnerPermissions(resource.getName(), userPermissionsList);
620
621 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
622
623
624
625 Role ownerRole = roleLocalService.getRole(
626 companyId, RoleConstants.OWNER);
627
628 rolePersistence.addPermissions(
629 ownerRole.getRoleId(), userPermissionsList);
630 }
631 else {
632
633
634
635 if ((userId > 0) && (userId != defaultUserId)) {
636 userPersistence.addPermissions(userId, userPermissionsList);
637 }
638 }
639
640
641
642 if (groupId > 0) {
643 if (groupPermissions == null) {
644 groupPermissions = new String[0];
645 }
646
647 List<Permission> groupPermissionsList =
648 permissionLocalService.getPermissions(
649 companyId, groupPermissions, resource.getResourceId());
650
651 groupPermissionsList =
652 permissionsListFilter.filterGroupPermissions(
653 companyId, groupId, userId, resource.getName(),
654 resource.getPrimKey(), false, groupPermissionsList);
655
656 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
657 Role role = roleLocalService.getDefaultGroupRole(groupId);
658
659 rolePersistence.addPermissions(
660 role.getRoleId(), groupPermissionsList);
661 }
662 else {
663 groupPersistence.addPermissions(groupId, groupPermissionsList);
664 }
665 }
666
667
668
669 if (guestPermissions == null) {
670 guestPermissions = new String[0];
671 }
672
673 List<Permission> guestPermissionsList =
674 permissionLocalService.getPermissions(
675 companyId, guestPermissions, resource.getResourceId());
676
677 guestPermissionsList = permissionsListFilter.filterGuestPermissions(
678 companyId, groupId, userId, resource.getName(),
679 resource.getPrimKey(), false, guestPermissionsList);
680
681 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
682 Role guestRole = roleLocalService.getRole(
683 companyId, RoleConstants.GUEST);
684
685 rolePersistence.addPermissions(
686 guestRole.getRoleId(), guestPermissionsList);
687 }
688 else {
689 userPersistence.addPermissions(defaultUserId, guestPermissionsList);
690 }
691 }
692
693 protected void addModelResources_6(
694 long companyId, long groupId, long userId, Resource resource,
695 String[] groupPermissions, String[] guestPermissions,
696 PermissionedModel permissionedModel)
697 throws PortalException, SystemException {
698
699
700
701 Role ownerRole = roleLocalService.getRole(
702 companyId, RoleConstants.OWNER);
703
704 List<String> ownerActionIds =
705 ResourceActionsUtil.getModelResourceActions(resource.getName());
706
707 ownerActionIds = ListUtil.copy(ownerActionIds);
708
709 filterOwnerActions(resource.getName(), ownerActionIds);
710
711 String[] ownerPermissions =
712 ownerActionIds.toArray(new String[ownerActionIds.size()]);
713
714
715
716 Role defaultGroupRole = null;
717
718 if (groupId > 0) {
719 defaultGroupRole = roleLocalService.getDefaultGroupRole(groupId);
720
721 if (groupPermissions == null) {
722 groupPermissions = new String[0];
723 }
724 }
725
726
727
728 Role guestRole = roleLocalService.getRole(
729 companyId, RoleConstants.GUEST);
730
731 if (guestPermissions == null) {
732 guestPermissions = new String[0];
733 }
734
735 if (resourceBlockLocalService.isSupported(resource.getName())) {
736
737 if (permissionedModel == null) {
738 throw new IllegalArgumentException(
739 "Permissioned model is null");
740 }
741
742
743
744 resourceBlockLocalService.setIndividualScopePermissions(
745 resource.getCompanyId(), groupId, resource.getName(),
746 permissionedModel, ownerRole.getRoleId(), ownerActionIds);
747
748 if (groupId > 0) {
749 resourceBlockLocalService.setIndividualScopePermissions(
750 resource.getCompanyId(), groupId, resource.getName(),
751 permissionedModel, defaultGroupRole.getRoleId(),
752 Arrays.asList(groupPermissions));
753 }
754
755 resourceBlockLocalService.setIndividualScopePermissions(
756 resource.getCompanyId(), groupId, resource.getName(),
757 permissionedModel, guestRole.getRoleId(),
758 Arrays.asList(guestPermissions));
759 }
760 else {
761 resourcePermissionLocalService.setOwnerResourcePermissions(
762 resource.getCompanyId(), resource.getName(),
763 resource.getScope(), resource.getPrimKey(),
764 ownerRole.getRoleId(), userId, ownerPermissions);
765
766 if (groupId > 0) {
767 resourcePermissionLocalService.setResourcePermissions(
768 resource.getCompanyId(), resource.getName(),
769 resource.getScope(), resource.getPrimKey(),
770 defaultGroupRole.getRoleId(), groupPermissions);
771 }
772
773 resourcePermissionLocalService.setResourcePermissions(
774 resource.getCompanyId(), resource.getName(),
775 resource.getScope(), resource.getPrimKey(),
776 guestRole.getRoleId(), guestPermissions);
777 }
778 }
779
780 protected Resource addResource_1to5(
781 long companyId, String name, int scope, String primKey)
782 throws SystemException {
783
784 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
785 companyId, name, scope);
786
787 long codeId = resourceCode.getCodeId();
788
789 Resource resource = resourcePersistence.fetchByC_P(codeId, primKey);
790
791 if (resource == null) {
792 long resourceId = counterLocalService.increment(
793 Resource.class.getName());
794
795 resource = resourcePersistence.create(resourceId);
796
797 resource.setCodeId(codeId);
798 resource.setPrimKey(primKey);
799
800 try {
801 resourcePersistence.update(resource, false);
802 }
803 catch (SystemException se) {
804 if (_log.isWarnEnabled()) {
805 _log.warn(
806 "Add failed, fetch {codeId=" + codeId + ", primKey=" +
807 primKey + "}");
808 }
809
810 resource = resourcePersistence.fetchByC_P(
811 codeId, primKey, false);
812
813 if (resource == null) {
814 throw se;
815 }
816 }
817 }
818
819 return resource;
820 }
821
822 protected Resource addResource_6(
823 long companyId, String name, int scope, String primKey) {
824
825 Resource resource = new ResourceImpl();
826
827 resource.setCompanyId(companyId);
828 resource.setName(name);
829 resource.setScope(scope);
830 resource.setPrimKey(primKey);
831
832 return resource;
833 }
834
835 protected void addResources(
836 long companyId, long groupId, long userId, String name,
837 String primKey, boolean portletActions, boolean addGroupPermissions,
838 boolean addGuestPermissions, PermissionedModel permissionedModel)
839 throws PortalException, SystemException {
840
841 if (!PermissionThreadLocal.isAddResource()) {
842 return;
843 }
844
845 validate(name, portletActions);
846
847
848
849 addResource(
850 companyId, name, ResourceConstants.SCOPE_COMPANY,
851 String.valueOf(companyId));
852
853 if (groupId > 0) {
854 addResource(
855 companyId, name, ResourceConstants.SCOPE_GROUP,
856 String.valueOf(groupId));
857 }
858
859 if (primKey == null) {
860 return;
861 }
862
863
864
865 Resource resource = addResource(
866 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
867
868
869
870 boolean flushEnabled = PermissionThreadLocal.isFlushEnabled();
871
872 PermissionThreadLocal.setIndexEnabled(false);
873
874 List<ResourcePermission> resourcePermissions =
875 resourcePermissionPersistence.findByC_N_S_P(
876 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
877
878 ResourcePermissionsThreadLocal.setResourcePermissions(
879 resourcePermissions);
880
881 try {
882 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
883 addResources_6(
884 companyId, groupId, userId, resource, portletActions,
885 permissionedModel);
886 }
887 else {
888 addResources_1to5(
889 companyId, groupId, userId, resource, portletActions);
890 }
891
892
893
894 if ((groupId > 0) && addGroupPermissions) {
895 addGroupPermissions(
896 companyId, groupId, userId, name, resource, portletActions,
897 permissionedModel);
898 }
899
900
901
902 if (addGuestPermissions) {
903
904
905
906
907 addGuestPermissions(
908 companyId, groupId, userId, name, resource, portletActions,
909 permissionedModel);
910 }
911 }
912 finally {
913 ResourcePermissionsThreadLocal.setResourcePermissions(null);
914
915 PermissionThreadLocal.setIndexEnabled(flushEnabled);
916
917 PermissionCacheUtil.clearCache();
918
919 SearchEngineUtil.updatePermissionFields(name, primKey);
920 }
921 }
922
923 protected void addResources_1to5(
924 long companyId, long groupId, long userId, Resource resource,
925 boolean portletActions)
926 throws PortalException, SystemException {
927
928 List<Permission> permissionsList =
929 permissionLocalService.addPermissions(
930 companyId, resource.getName(), resource.getResourceId(),
931 portletActions);
932
933 PermissionsListFilter permissionsListFilter =
934 PermissionsListFilterFactory.getInstance();
935
936 List<Permission> userPermissionsList =
937 permissionsListFilter.filterUserPermissions(
938 companyId, groupId, userId, resource.getName(),
939 resource.getPrimKey(), portletActions, permissionsList);
940
941 filterOwnerPermissions(resource.getName(), userPermissionsList);
942
943 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
944
945
946
947 Role ownerRole = roleLocalService.getRole(
948 companyId, RoleConstants.OWNER);
949
950 rolePersistence.addPermissions(
951 ownerRole.getRoleId(), userPermissionsList);
952 }
953 else {
954
955
956
957 long defaultUserId = userLocalService.getDefaultUserId(companyId);
958
959 if ((userId > 0) && (userId != defaultUserId)) {
960 userPersistence.addPermissions(userId, userPermissionsList);
961 }
962 }
963 }
964
965 protected void addResources_6(
966 long companyId, long groupId, long userId, Resource resource,
967 boolean portletActions, PermissionedModel permissionedModel)
968 throws PortalException, SystemException {
969
970 List<String> actionIds = null;
971
972 if (portletActions) {
973 actionIds = ResourceActionsUtil.getPortletResourceActions(
974 resource.getName());
975 }
976 else {
977 actionIds = ResourceActionsUtil.getModelResourceActions(
978 resource.getName());
979
980 actionIds = ListUtil.copy(actionIds);
981
982 filterOwnerActions(resource.getName(), actionIds);
983 }
984
985 Role role = roleLocalService.getRole(companyId, RoleConstants.OWNER);
986
987 if (resourceBlockLocalService.isSupported(resource.getName())) {
988 if (permissionedModel == null) {
989 throw new IllegalArgumentException(
990 "Permissioned model is null");
991 }
992
993
994
995 resourceBlockLocalService.setIndividualScopePermissions(
996 resource.getCompanyId(), groupId, resource.getName(),
997 permissionedModel, role.getRoleId(), actionIds);
998 }
999 else {
1000 resourcePermissionLocalService.setOwnerResourcePermissions(
1001 resource.getCompanyId(), resource.getName(),
1002 resource.getScope(), resource.getPrimKey(), role.getRoleId(),
1003 userId, actionIds.toArray(new String[actionIds.size()]));
1004 }
1005 }
1006
1007 protected void deleteResource(
1008 long companyId, String name, int scope, String primKey,
1009 PermissionedModel permissionedModel)
1010 throws PortalException, SystemException{
1011
1012 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
1013 if (resourceBlockLocalService.isSupported(name)) {
1014 if (permissionedModel == null) {
1015 throw new IllegalArgumentException(
1016 "Permissioned model is null");
1017 }
1018
1019 resourceBlockLocalService.releasePermissionedModelResourceBlock(
1020 permissionedModel);
1021
1022 return;
1023 }
1024 else {
1025 resourcePermissionLocalService.deleteResourcePermissions(
1026 companyId, name, scope, primKey);
1027
1028 return;
1029 }
1030 }
1031
1032 try {
1033 Resource resource = getResource(companyId, name, scope, primKey);
1034
1035 deleteResource(resource.getResourceId());
1036 }
1037 catch (NoSuchResourceException nsre) {
1038 if (_log.isWarnEnabled()) {
1039 _log.warn(nsre);
1040 }
1041 }
1042 }
1043
1044 protected Resource fetchResource_1to5(
1045 long companyId, String name, int scope, String primKey)
1046 throws SystemException {
1047
1048 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
1049 companyId, name, scope);
1050
1051 return resourcePersistence.fetchByC_P(
1052 resourceCode.getCodeId(), primKey);
1053 }
1054
1055 protected void filterOwnerActions(String name, List<String> actionIds) {
1056 List<String> defaultOwnerActions =
1057 ResourceActionsUtil.getModelResourceOwnerDefaultActions(name);
1058
1059 if (defaultOwnerActions.isEmpty()) {
1060 return;
1061 }
1062
1063 Iterator<String> itr = actionIds.iterator();
1064
1065 while (itr.hasNext()) {
1066 String actionId = itr.next();
1067
1068 if (!defaultOwnerActions.contains(actionId)) {
1069 itr.remove();
1070 }
1071 }
1072 }
1073
1074 protected void filterOwnerPermissions(
1075 String name, List<Permission> permissions) {
1076
1077 List<String> defaultOwnerActions =
1078 ResourceActionsUtil.getModelResourceOwnerDefaultActions(name);
1079
1080 if (defaultOwnerActions.isEmpty()) {
1081 return;
1082 }
1083
1084 Iterator<Permission> itr = permissions.iterator();
1085
1086 while (itr.hasNext()) {
1087 Permission permission = itr.next();
1088
1089 String actionId = permission.getActionId();
1090
1091 if (!defaultOwnerActions.contains(actionId)) {
1092 itr.remove();
1093 }
1094 }
1095 }
1096
1097 protected long getGroupId(AuditedModel auditedModel) {
1098 long groupId = 0;
1099
1100 if (auditedModel instanceof GroupedModel) {
1101 GroupedModel groupedModel = (GroupedModel)auditedModel;
1102
1103 groupId = groupedModel.getGroupId();
1104 }
1105
1106 return groupId;
1107 }
1108
1109 protected PermissionedModel getPermissionedModel(
1110 AuditedModel auditedModel) {
1111
1112 PermissionedModel permissionedModel = null;
1113
1114 if (auditedModel instanceof PermissionedModel) {
1115 permissionedModel = (PermissionedModel)auditedModel;
1116 }
1117
1118 return permissionedModel;
1119 }
1120
1121 protected Resource getResource_1to5(
1122 long companyId, String name, int scope, String primKey)
1123 throws PortalException, SystemException {
1124
1125 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
1126 companyId, name, scope);
1127
1128 return resourcePersistence.findByC_P(resourceCode.getCodeId(), primKey);
1129 }
1130
1131 protected Resource getResource_6(
1132 long companyId, String name, int scope, String primKey) {
1133
1134 Resource resource = new ResourceImpl();
1135
1136 resource.setCompanyId(companyId);
1137 resource.setName(name);
1138 resource.setScope(scope);
1139 resource.setPrimKey(primKey);
1140
1141 return resource;
1142 }
1143
1144 protected void updateResources(
1145 long companyId, long groupId, String name, String primKey,
1146 String[] groupPermissions, String[] guestPermissions,
1147 PermissionedModel permissionedModel)
1148 throws PortalException, SystemException {
1149
1150 Resource resource = getResource(
1151 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
1152
1153 if (groupPermissions == null) {
1154 groupPermissions = new String[0];
1155 }
1156
1157 if (guestPermissions == null) {
1158 guestPermissions = new String[0];
1159 }
1160
1161 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
1162 if (resourceBlockLocalService.isSupported(name)) {
1163 updateResources_6Blocks(
1164 companyId, groupId, resource, groupPermissions,
1165 guestPermissions, permissionedModel);
1166 }
1167 else {
1168 updateResources_6(
1169 companyId, groupId, resource, groupPermissions,
1170 guestPermissions);
1171 }
1172 }
1173 else {
1174 updateResources_1to5(
1175 companyId, groupId, resource, groupPermissions,
1176 guestPermissions);
1177 }
1178 }
1179
1180 protected void updateResources_1to5(
1181 long companyId, long groupId, Resource resource,
1182 String[] groupPermissions, String[] guestPermissions)
1183 throws PortalException, SystemException {
1184
1185 Role role = roleLocalService.getDefaultGroupRole(groupId);
1186
1187 permissionLocalService.setRolePermissions(
1188 role.getRoleId(), groupPermissions, resource.getResourceId());
1189
1190 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1191
1192 permissionLocalService.setRolePermissions(
1193 role.getRoleId(), guestPermissions, resource.getResourceId());
1194 }
1195
1196 protected void updateResources_1to5(
1197 long companyId, String name, int scope, String primKey,
1198 String newPrimKey)
1199 throws PortalException, SystemException {
1200
1201 Resource resource = getResource(companyId, name, scope, primKey);
1202
1203 resource.setPrimKey(newPrimKey);
1204
1205 resourcePersistence.update(resource, false);
1206 }
1207
1208 protected void updateResources_6(
1209 long companyId, long groupId, Resource resource,
1210 String[] groupPermissions, String[] guestPermissions)
1211 throws PortalException, SystemException {
1212
1213 Role role = roleLocalService.getDefaultGroupRole(groupId);
1214
1215 resourcePermissionLocalService.setResourcePermissions(
1216 resource.getCompanyId(), resource.getName(), resource.getScope(),
1217 resource.getPrimKey(), role.getRoleId(), groupPermissions);
1218
1219 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1220
1221 resourcePermissionLocalService.setResourcePermissions(
1222 resource.getCompanyId(), resource.getName(), resource.getScope(),
1223 resource.getPrimKey(), role.getRoleId(), guestPermissions);
1224 }
1225
1226 protected void updateResources_6(
1227 long companyId, String name, int scope, String primKey,
1228 String newPrimKey)
1229 throws SystemException {
1230
1231 List<ResourcePermission> resourcePermissions =
1232 resourcePermissionLocalService.getResourcePermissions(
1233 companyId, name, scope, primKey);
1234
1235 for (ResourcePermission resourcePermission : resourcePermissions) {
1236 resourcePermission.setPrimKey(newPrimKey);
1237
1238 resourcePermissionPersistence.update(resourcePermission, false);
1239 }
1240 }
1241
1242 protected void updateResources_6Blocks(
1243 long companyId, long groupId, Resource resource,
1244 String[] groupPermissions, String[] guestPermissions,
1245 PermissionedModel permissionedModel)
1246 throws PortalException, SystemException {
1247
1248 if (permissionedModel == null) {
1249 throw new IllegalArgumentException("Permissioned model is null");
1250 }
1251
1252
1253
1254 Role role = roleLocalService.getDefaultGroupRole(groupId);
1255
1256 resourceBlockLocalService.setIndividualScopePermissions(
1257 companyId, groupId, resource.getName(), permissionedModel,
1258 role.getRoleId(), Arrays.asList(groupPermissions));
1259
1260 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1261
1262 resourceBlockLocalService.setIndividualScopePermissions(
1263 companyId, groupId, resource.getName(), permissionedModel,
1264 role.getRoleId(), Arrays.asList(guestPermissions));
1265 }
1266
1267 protected void validate(String name, boolean portletActions)
1268 throws PortalException {
1269
1270 List<String> actions = null;
1271
1272 if (portletActions) {
1273 actions = ResourceActionsUtil.getPortletResourceActions(name);
1274 }
1275 else {
1276 actions = ResourceActionsUtil.getModelResourceActions(name);
1277 }
1278
1279 if (actions.size() == 0) {
1280 throw new ResourceActionsException(
1281 "There are no actions associated with the resource " + name);
1282 }
1283 }
1284
1285 private static Log _log = LogFactoryUtil.getLog(
1286 ResourceLocalServiceImpl.class);
1287
1288 }