001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.NoSuchResourceException;
018 import com.liferay.portal.ResourceActionsException;
019 import com.liferay.portal.kernel.exception.PortalException;
020 import com.liferay.portal.kernel.exception.SystemException;
021 import com.liferay.portal.kernel.log.Log;
022 import com.liferay.portal.kernel.log.LogFactoryUtil;
023 import com.liferay.portal.kernel.search.SearchEngineUtil;
024 import com.liferay.portal.kernel.util.ListUtil;
025 import com.liferay.portal.model.AuditedModel;
026 import com.liferay.portal.model.ClassedModel;
027 import com.liferay.portal.model.Group;
028 import com.liferay.portal.model.GroupConstants;
029 import com.liferay.portal.model.GroupedModel;
030 import com.liferay.portal.model.Permission;
031 import com.liferay.portal.model.PermissionedModel;
032 import com.liferay.portal.model.Resource;
033 import com.liferay.portal.model.ResourceCode;
034 import com.liferay.portal.model.ResourceConstants;
035 import com.liferay.portal.model.ResourcePermission;
036 import com.liferay.portal.model.Role;
037 import com.liferay.portal.model.RoleConstants;
038 import com.liferay.portal.model.impl.ResourceImpl;
039 import com.liferay.portal.security.permission.PermissionCacheUtil;
040 import com.liferay.portal.security.permission.PermissionThreadLocal;
041 import com.liferay.portal.security.permission.PermissionsListFilter;
042 import com.liferay.portal.security.permission.PermissionsListFilterFactory;
043 import com.liferay.portal.security.permission.ResourceActionsUtil;
044 import com.liferay.portal.service.ServiceContext;
045 import com.liferay.portal.service.base.ResourceLocalServiceBaseImpl;
046 import com.liferay.portal.util.PropsValues;
047 import com.liferay.portal.util.ResourcePermissionsThreadLocal;
048 import com.liferay.portal.util.comparator.ResourceComparator;
049
050 import java.util.Arrays;
051 import java.util.Iterator;
052 import java.util.List;
053
054
061 public class ResourceLocalServiceImpl extends ResourceLocalServiceBaseImpl {
062
063 public void addModelResources(
064 AuditedModel auditedModel, ServiceContext serviceContext)
065 throws PortalException, SystemException {
066
067 ClassedModel classedModel = (ClassedModel)auditedModel;
068
069 if (serviceContext.getAddGroupPermissions() ||
070 serviceContext.getAddGuestPermissions()) {
071
072 addResources(
073 auditedModel.getCompanyId(), getGroupId(auditedModel),
074 auditedModel.getUserId(), classedModel.getModelClassName(),
075 String.valueOf(classedModel.getPrimaryKeyObj()), false,
076 serviceContext.getAddGroupPermissions(),
077 serviceContext.getAddGuestPermissions(),
078 getPermissionedModel(auditedModel));
079 }
080 else {
081 addModelResources(
082 auditedModel.getCompanyId(), getGroupId(auditedModel),
083 auditedModel.getUserId(), classedModel.getModelClassName(),
084 String.valueOf(classedModel.getPrimaryKeyObj()),
085 serviceContext.getGroupPermissions(),
086 serviceContext.getGuestPermissions(),
087 getPermissionedModel(auditedModel));
088 }
089 }
090
091 public void addModelResources(
092 long companyId, long groupId, long userId, String name,
093 long primKey, String[] groupPermissions, String[] guestPermissions)
094 throws PortalException, SystemException {
095
096 addModelResources(
097 companyId, groupId, userId, name, String.valueOf(primKey),
098 groupPermissions, guestPermissions, null);
099 }
100
101 public void addModelResources(
102 long companyId, long groupId, long userId, String name,
103 String primKey, String[] groupPermissions,
104 String[] guestPermissions)
105 throws PortalException, SystemException {
106
107 addModelResources(
108 companyId, groupId, userId, name, primKey, groupPermissions,
109 guestPermissions, null);
110 }
111
112 public Resource addResource(
113 long companyId, String name, int scope, String primKey)
114 throws SystemException {
115
116 if (!PermissionThreadLocal.isAddResource()) {
117 return null;
118 }
119
120 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
121 return addResource_6(companyId, name, scope, primKey);
122 }
123 else {
124 return addResource_1to5(companyId, name, scope, primKey);
125 }
126 }
127
128 public void addResources(
129 long companyId, long groupId, long userId, String name,
130 long primKey, boolean portletActions,
131 boolean addGroupPermissions, boolean addGuestPermissions)
132 throws PortalException, SystemException {
133
134 addResources(
135 companyId, groupId, userId, name, String.valueOf(primKey),
136 portletActions, addGroupPermissions, addGuestPermissions, null);
137 }
138
139 public void addResources(
140 long companyId, long groupId, long userId, String name,
141 String primKey, boolean portletActions,
142 boolean addGroupPermissions, boolean addGuestPermissions)
143 throws PortalException, SystemException {
144
145 addResources(
146 companyId, groupId, userId, name, primKey, portletActions,
147 addGroupPermissions, addGuestPermissions, null);
148 }
149
150 public void addResources(
151 long companyId, long groupId, String name, boolean portletActions)
152 throws PortalException, SystemException {
153
154 addResources(
155 companyId, groupId, 0, name, null, portletActions, false, false);
156 }
157
158 public void deleteResource(AuditedModel auditedModel, int scope)
159 throws PortalException, SystemException {
160
161 ClassedModel classedModel = (ClassedModel)auditedModel;
162
163 deleteResource(
164 auditedModel.getCompanyId(), classedModel.getModelClassName(),
165 scope, String.valueOf(classedModel.getPrimaryKeyObj()),
166 getPermissionedModel(auditedModel));
167 }
168
169 @Override
170 public void deleteResource(long resourceId) throws SystemException {
171 try {
172 Resource resource = resourcePersistence.findByPrimaryKey(
173 resourceId);
174
175 deleteResource(resource);
176 }
177 catch (NoSuchResourceException nsre) {
178 if (_log.isWarnEnabled()) {
179 _log.warn(nsre);
180 }
181 }
182 }
183
184 public void deleteResource(
185 long companyId, String name, int scope, long primKey)
186 throws PortalException, SystemException {
187
188 deleteResource(companyId, name, scope, String.valueOf(primKey), null);
189 }
190
191 public void deleteResource(
192 long companyId, String name, int scope, String primKey)
193 throws PortalException, SystemException {
194
195 deleteResource(companyId, name, scope, primKey, null);
196 }
197
198 @Override
199 public void deleteResource(Resource resource) throws SystemException {
200
201
202
203 List<Permission> permissions = permissionPersistence.findByResourceId(
204 resource.getResourceId());
205
206 for (Permission permission : permissions) {
207 orgGroupPermissionPersistence.removeByPermissionId(
208 permission.getPermissionId());
209 }
210
211 permissionPersistence.removeByResourceId(resource.getResourceId());
212
213
214
215 resourcePersistence.remove(resource);
216 }
217
218 public void deleteResources(String name) throws SystemException {
219 List<Resource> resources = resourceFinder.findByName(name);
220
221 for (Resource resource : resources) {
222 deleteResource(resource);
223 }
224 }
225
226 public Resource fetchResource(
227 long companyId, String name, int scope, String primKey)
228 throws SystemException {
229
230 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
231 return getResource_6(companyId, name, scope, primKey);
232 }
233 else {
234 return fetchResource_1to5(companyId, name, scope, primKey);
235 }
236 }
237
238 public long getLatestResourceId() throws SystemException {
239 List<Resource> resources = resourcePersistence.findAll(
240 0, 1, new ResourceComparator());
241
242 if (resources.size() == 0) {
243 return 0;
244 }
245 else {
246 Resource resource = resources.get(0);
247
248 return resource.getResourceId();
249 }
250 }
251
252 @Override
253 public Resource getResource(long resourceId)
254 throws PortalException, SystemException {
255
256 return resourcePersistence.findByPrimaryKey(resourceId);
257 }
258
259 public Resource getResource(
260 long companyId, String name, int scope, String primKey)
261 throws PortalException, SystemException {
262
263 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
264 return getResource_6(companyId, name, scope, primKey);
265 }
266 else {
267 return getResource_1to5(companyId, name, scope, primKey);
268 }
269 }
270
271 public List<Resource> getResources() throws SystemException {
272 return resourcePersistence.findAll();
273 }
274
275 public void updateModelResources(
276 AuditedModel auditedModel, ServiceContext serviceContext)
277 throws PortalException, SystemException {
278
279 ClassedModel classedModel = (ClassedModel)auditedModel;
280
281 updateResources(
282 auditedModel.getCompanyId(), getGroupId(auditedModel),
283 classedModel.getModelClassName(),
284 String.valueOf(classedModel.getPrimaryKeyObj()),
285 serviceContext.getGroupPermissions(),
286 serviceContext.getGuestPermissions(),
287 getPermissionedModel(auditedModel));
288 }
289
290 public void updateResources(
291 long companyId, long groupId, String name, long primKey,
292 String[] groupPermissions, String[] guestPermissions)
293 throws PortalException, SystemException {
294
295 updateResources(
296 companyId, groupId, name, String.valueOf(primKey), groupPermissions,
297 guestPermissions, null);
298 }
299
300 public void updateResources(
301 long companyId, long groupId, String name, String primKey,
302 String[] groupPermissions, String[] guestPermissions)
303 throws PortalException, SystemException {
304
305 updateResources(
306 companyId, groupId, name, primKey, groupPermissions,
307 guestPermissions, null);
308 }
309
310 public void updateResources(
311 long companyId, String name, int scope, String primKey,
312 String newPrimKey)
313 throws PortalException, SystemException {
314
315 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
316 if (resourceBlockLocalService.isSupported(name)) {
317
318
319
320
321
322 }
323 else {
324 updateResources_6(companyId, name, scope, primKey, newPrimKey);
325 }
326 }
327 else {
328 updateResources_1to5(companyId, name, scope, primKey, newPrimKey);
329 }
330 }
331
332 protected void addGroupPermissions(
333 long companyId, long groupId, long userId, String name,
334 Resource resource, boolean portletActions,
335 PermissionedModel permissionedModel)
336 throws PortalException, SystemException {
337
338 List<String> actions = null;
339
340 if (portletActions) {
341 actions = ResourceActionsUtil.getPortletResourceGroupDefaultActions(
342 name);
343 }
344 else {
345 actions = ResourceActionsUtil.getModelResourceGroupDefaultActions(
346 name);
347 }
348
349 String[] actionIds = actions.toArray(new String[actions.size()]);
350
351 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
352 if (resourceBlockLocalService.isSupported(name)) {
353 addGroupPermissions_6Blocks(
354 groupId, resource, actions, permissionedModel);
355 }
356 else {
357 addGroupPermissions_6(groupId, resource, actionIds);
358 }
359 }
360 else {
361 addGroupPermissions_1to5(
362 companyId, groupId, userId, name, resource, portletActions,
363 actionIds);
364 }
365 }
366
367 protected void addGroupPermissions_1to5(
368 long companyId, long groupId, long userId, String name,
369 Resource resource, boolean portletActions, String[] actionIds)
370 throws PortalException, SystemException {
371
372 long resourceId = resource.getResourceId();
373 String primKey = resource.getPrimKey();
374
375 List<Permission> groupPermissionsList =
376 permissionLocalService.getPermissions(
377 companyId, actionIds, resourceId);
378
379 PermissionsListFilter permissionsListFilter =
380 PermissionsListFilterFactory.getInstance();
381
382 groupPermissionsList =
383 permissionsListFilter.filterGroupPermissions(
384 companyId, groupId, userId, name, primKey, portletActions,
385 groupPermissionsList);
386
387 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
388 Role role = roleLocalService.getDefaultGroupRole(groupId);
389
390 rolePersistence.addPermissions(
391 role.getRoleId(), groupPermissionsList);
392 }
393 else {
394 groupPersistence.addPermissions(groupId, groupPermissionsList);
395 }
396 }
397
398 protected void addGroupPermissions_6(
399 long groupId, Resource resource, String[] actionIds)
400 throws PortalException, SystemException {
401
402 Role role = roleLocalService.getDefaultGroupRole(groupId);
403
404 resourcePermissionLocalService.setResourcePermissions(
405 resource.getCompanyId(), resource.getName(), resource.getScope(),
406 resource.getPrimKey(), role.getRoleId(), actionIds);
407 }
408
409 protected void addGroupPermissions_6Blocks(
410 long groupId, Resource resource, List<String> actionIds,
411 PermissionedModel permissionedModel)
412 throws PortalException, SystemException {
413
414 if (permissionedModel == null) {
415 throw new IllegalArgumentException("Permissioned model is null");
416 }
417
418
419
420 Role role = roleLocalService.getDefaultGroupRole(groupId);
421
422 resourceBlockLocalService.setIndividualScopePermissions(
423 resource.getCompanyId(), groupId, resource.getName(),
424 permissionedModel, role.getRoleId(), actionIds);
425 }
426
427 protected void addGuestPermissions(
428 long companyId, long groupId, long userId, String name,
429 Resource resource, boolean portletActions,
430 PermissionedModel permissionedModel)
431 throws PortalException, SystemException {
432
433 List<String> actions = null;
434
435 if (portletActions) {
436 actions = ResourceActionsUtil.getPortletResourceGuestDefaultActions(
437 name);
438 }
439 else {
440 actions = ResourceActionsUtil.getModelResourceGuestDefaultActions(
441 name);
442 }
443
444 String[] actionIds = actions.toArray(new String[actions.size()]);
445
446 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
447 if (resourceBlockLocalService.isSupported(name)) {
448 addGuestPermissions_6Blocks(
449 companyId, groupId, resource, actions, permissionedModel);
450 }
451 else {
452 addGuestPermissions_6(companyId, resource, actionIds);
453 }
454 }
455 else {
456 addGuestPermissions_1to5(
457 companyId, groupId, userId, name, resource, portletActions,
458 actionIds);
459 }
460 }
461
462 protected void addGuestPermissions_1to5(
463 long companyId, long groupId, long userId, String name,
464 Resource resource, boolean portletActions, String[] actionIds)
465 throws PortalException, SystemException {
466
467 List<Permission> guestPermissionsList =
468 permissionLocalService.getPermissions(
469 companyId, actionIds, resource.getResourceId());
470
471 PermissionsListFilter permissionsListFilter =
472 PermissionsListFilterFactory.getInstance();
473
474 guestPermissionsList =
475 permissionsListFilter.filterGuestPermissions(
476 companyId, groupId, userId, name, resource.getPrimKey(),
477 portletActions, guestPermissionsList);
478
479 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
480 Role guestRole = roleLocalService.getRole(
481 companyId, RoleConstants.GUEST);
482
483 rolePersistence.addPermissions(
484 guestRole.getRoleId(), guestPermissionsList);
485 }
486 else {
487 long defaultUserId = userLocalService.getDefaultUserId(companyId);
488
489 userPersistence.addPermissions(defaultUserId, guestPermissionsList);
490 }
491 }
492
493 protected void addGuestPermissions_6(
494 long companyId, Resource resource, String[] actionIds)
495 throws PortalException, SystemException {
496
497 Role guestRole = roleLocalService.getRole(
498 companyId, RoleConstants.GUEST);
499
500 resourcePermissionLocalService.setResourcePermissions(
501 resource.getCompanyId(), resource.getName(), resource.getScope(),
502 resource.getPrimKey(), guestRole.getRoleId(), actionIds);
503 }
504
505 protected void addGuestPermissions_6Blocks(
506 long companyId, long groupId, Resource resource,
507 List<String> actionIds, PermissionedModel permissionedModel)
508 throws PortalException, SystemException {
509
510 if (permissionedModel == null) {
511 throw new IllegalArgumentException("Permissioned model is null");
512 }
513
514
515
516 Role guestRole = roleLocalService.getRole(
517 companyId, RoleConstants.GUEST);
518
519 resourceBlockLocalService.setIndividualScopePermissions(
520 resource.getCompanyId(), groupId, resource.getName(),
521 permissionedModel, guestRole.getRoleId(), actionIds);
522 }
523
524 protected void addModelResources(
525 long companyId, long groupId, long userId, String name,
526 String primKey, String[] groupPermissions,
527 String[] guestPermissions, PermissionedModel permissionedModel)
528 throws PortalException, SystemException {
529
530 if (!PermissionThreadLocal.isAddResource()) {
531 return;
532 }
533
534 validate(name, false);
535
536
537
538 addResource(
539 companyId, name, ResourceConstants.SCOPE_COMPANY,
540 String.valueOf(companyId));
541
542
543
544 Group guestGroup = groupLocalService.getGroup(
545 companyId, GroupConstants.GUEST);
546
547 addResource(
548 companyId, name, ResourceConstants.SCOPE_GROUP,
549 String.valueOf(guestGroup.getGroupId()));
550
551
552
553 if ((groupId > 0) && (guestGroup.getGroupId() != groupId)) {
554 addResource(
555 companyId, name, ResourceConstants.SCOPE_GROUP,
556 String.valueOf(groupId));
557 }
558
559 if (primKey == null) {
560 return;
561 }
562
563
564
565 Resource resource = addResource(
566 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
567
568
569
570 boolean flushEnabled = PermissionThreadLocal.isFlushEnabled();
571
572 PermissionThreadLocal.setIndexEnabled(false);
573
574 try {
575 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
576 addModelResources_6(
577 companyId, groupId, userId, resource, groupPermissions,
578 guestPermissions, permissionedModel);
579 }
580 else {
581 addModelResources_1to5(
582 companyId, groupId, userId, resource, groupPermissions,
583 guestPermissions);
584 }
585 }
586 finally {
587 PermissionThreadLocal.setIndexEnabled(flushEnabled);
588
589 PermissionCacheUtil.clearCache();
590
591 SearchEngineUtil.updatePermissionFields(name, primKey);
592 }
593 }
594
595 protected void addModelResources_1to5(
596 long companyId, long groupId, long userId, Resource resource,
597 String[] groupPermissions, String[] guestPermissions)
598 throws PortalException, SystemException {
599
600 long defaultUserId = userLocalService.getDefaultUserId(companyId);
601
602 PermissionsListFilter permissionsListFilter =
603 PermissionsListFilterFactory.getInstance();
604
605 List<Permission> permissionsList =
606 permissionLocalService.addPermissions(
607 companyId, resource.getName(), resource.getResourceId(), false);
608
609 List<Permission> userPermissionsList =
610 permissionsListFilter.filterUserPermissions(
611 companyId, groupId, userId, resource.getName(),
612 resource.getPrimKey(), false, permissionsList);
613
614 filterOwnerPermissions(resource.getName(), userPermissionsList);
615
616 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
617
618
619
620 Role ownerRole = roleLocalService.getRole(
621 companyId, RoleConstants.OWNER);
622
623 rolePersistence.addPermissions(
624 ownerRole.getRoleId(), userPermissionsList);
625 }
626 else {
627
628
629
630 if ((userId > 0) && (userId != defaultUserId)) {
631 userPersistence.addPermissions(userId, userPermissionsList);
632 }
633 }
634
635
636
637 if (groupId > 0) {
638 if (groupPermissions == null) {
639 groupPermissions = new String[0];
640 }
641
642 List<Permission> groupPermissionsList =
643 permissionLocalService.getPermissions(
644 companyId, groupPermissions, resource.getResourceId());
645
646 groupPermissionsList =
647 permissionsListFilter.filterGroupPermissions(
648 companyId, groupId, userId, resource.getName(),
649 resource.getPrimKey(), false, groupPermissionsList);
650
651 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
652 Role role = roleLocalService.getDefaultGroupRole(groupId);
653
654 rolePersistence.addPermissions(
655 role.getRoleId(), groupPermissionsList);
656 }
657 else {
658 groupPersistence.addPermissions(groupId, groupPermissionsList);
659 }
660 }
661
662
663
664 if (guestPermissions == null) {
665 guestPermissions = new String[0];
666 }
667
668 List<Permission> guestPermissionsList =
669 permissionLocalService.getPermissions(
670 companyId, guestPermissions, resource.getResourceId());
671
672 guestPermissionsList = permissionsListFilter.filterGuestPermissions(
673 companyId, groupId, userId, resource.getName(),
674 resource.getPrimKey(), false, guestPermissionsList);
675
676 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
677 Role guestRole = roleLocalService.getRole(
678 companyId, RoleConstants.GUEST);
679
680 rolePersistence.addPermissions(
681 guestRole.getRoleId(), guestPermissionsList);
682 }
683 else {
684 userPersistence.addPermissions(defaultUserId, guestPermissionsList);
685 }
686 }
687
688 protected void addModelResources_6(
689 long companyId, long groupId, long userId, Resource resource,
690 String[] groupPermissions, String[] guestPermissions,
691 PermissionedModel permissionedModel)
692 throws PortalException, SystemException {
693
694
695
696 Role ownerRole = roleLocalService.getRole(
697 companyId, RoleConstants.OWNER);
698
699 List<String> ownerActionIds =
700 ResourceActionsUtil.getModelResourceActions(resource.getName());
701
702 ownerActionIds = ListUtil.copy(ownerActionIds);
703
704 filterOwnerActions(resource.getName(), ownerActionIds);
705
706 String[] ownerPermissions =
707 ownerActionIds.toArray(new String[ownerActionIds.size()]);
708
709
710
711 Role defaultGroupRole = null;
712
713 if (groupId > 0) {
714 defaultGroupRole = roleLocalService.getDefaultGroupRole(groupId);
715
716 if (groupPermissions == null) {
717 groupPermissions = new String[0];
718 }
719 }
720
721
722
723 Role guestRole = roleLocalService.getRole(
724 companyId, RoleConstants.GUEST);
725
726 if (guestPermissions == null) {
727 guestPermissions = new String[0];
728 }
729
730 if (resourceBlockLocalService.isSupported(resource.getName())) {
731
732 if (permissionedModel == null) {
733 throw new IllegalArgumentException(
734 "Permissioned model is null");
735 }
736
737
738
739 resourceBlockLocalService.setIndividualScopePermissions(
740 resource.getCompanyId(), groupId, resource.getName(),
741 permissionedModel, ownerRole.getRoleId(), ownerActionIds);
742
743 if (groupId > 0) {
744 resourceBlockLocalService.setIndividualScopePermissions(
745 resource.getCompanyId(), groupId, resource.getName(),
746 permissionedModel, defaultGroupRole.getRoleId(),
747 Arrays.asList(groupPermissions));
748 }
749
750 resourceBlockLocalService.setIndividualScopePermissions(
751 resource.getCompanyId(), groupId, resource.getName(),
752 permissionedModel, guestRole.getRoleId(),
753 Arrays.asList(guestPermissions));
754 }
755 else {
756 resourcePermissionLocalService.setOwnerResourcePermissions(
757 resource.getCompanyId(), resource.getName(),
758 resource.getScope(), resource.getPrimKey(),
759 ownerRole.getRoleId(), userId, ownerPermissions);
760
761 if (groupId > 0) {
762 resourcePermissionLocalService.setResourcePermissions(
763 resource.getCompanyId(), resource.getName(),
764 resource.getScope(), resource.getPrimKey(),
765 defaultGroupRole.getRoleId(), groupPermissions);
766 }
767
768 resourcePermissionLocalService.setResourcePermissions(
769 resource.getCompanyId(), resource.getName(),
770 resource.getScope(), resource.getPrimKey(),
771 guestRole.getRoleId(), guestPermissions);
772 }
773 }
774
775 protected Resource addResource_1to5(
776 long companyId, String name, int scope, String primKey)
777 throws SystemException {
778
779 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
780 companyId, name, scope);
781
782 long codeId = resourceCode.getCodeId();
783
784 Resource resource = resourcePersistence.fetchByC_P(codeId, primKey);
785
786 if (resource == null) {
787 long resourceId = counterLocalService.increment(
788 Resource.class.getName());
789
790 resource = resourcePersistence.create(resourceId);
791
792 resource.setCodeId(codeId);
793 resource.setPrimKey(primKey);
794
795 try {
796 resourcePersistence.update(resource, false);
797 }
798 catch (SystemException se) {
799 if (_log.isWarnEnabled()) {
800 _log.warn(
801 "Add failed, fetch {codeId=" + codeId + ", primKey=" +
802 primKey + "}");
803 }
804
805 resource = resourcePersistence.fetchByC_P(
806 codeId, primKey, false);
807
808 if (resource == null) {
809 throw se;
810 }
811 }
812 }
813
814 return resource;
815 }
816
817 protected Resource addResource_6(
818 long companyId, String name, int scope, String primKey) {
819
820 Resource resource = new ResourceImpl();
821
822 resource.setCompanyId(companyId);
823 resource.setName(name);
824 resource.setScope(scope);
825 resource.setPrimKey(primKey);
826
827 return resource;
828 }
829
830 protected void addResources(
831 long companyId, long groupId, long userId, String name,
832 String primKey, boolean portletActions, boolean addGroupPermissions,
833 boolean addGuestPermissions, PermissionedModel permissionedModel)
834 throws PortalException, SystemException {
835
836 if (!PermissionThreadLocal.isAddResource()) {
837 return;
838 }
839
840 validate(name, portletActions);
841
842
843
844 addResource(
845 companyId, name, ResourceConstants.SCOPE_COMPANY,
846 String.valueOf(companyId));
847
848 if (groupId > 0) {
849 addResource(
850 companyId, name, ResourceConstants.SCOPE_GROUP,
851 String.valueOf(groupId));
852 }
853
854 if (primKey == null) {
855 return;
856 }
857
858
859
860 Resource resource = addResource(
861 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
862
863
864
865 boolean flushEnabled = PermissionThreadLocal.isFlushEnabled();
866
867 PermissionThreadLocal.setIndexEnabled(false);
868
869 List<ResourcePermission> resourcePermissions =
870 resourcePermissionPersistence.findByC_N_S_P(
871 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
872
873 ResourcePermissionsThreadLocal.setResourcePermissions(
874 resourcePermissions);
875
876 try {
877 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
878 addResources_6(
879 companyId, groupId, userId, resource, portletActions,
880 permissionedModel);
881 }
882 else {
883 addResources_1to5(
884 companyId, groupId, userId, resource, portletActions);
885 }
886
887
888
889 if ((groupId > 0) && addGroupPermissions) {
890 addGroupPermissions(
891 companyId, groupId, userId, name, resource, portletActions,
892 permissionedModel);
893 }
894
895
896
897 if (addGuestPermissions) {
898
899
900
901
902 addGuestPermissions(
903 companyId, groupId, userId, name, resource, portletActions,
904 permissionedModel);
905 }
906 }
907 finally {
908 ResourcePermissionsThreadLocal.setResourcePermissions(null);
909
910 PermissionThreadLocal.setIndexEnabled(flushEnabled);
911
912 PermissionCacheUtil.clearCache();
913
914 SearchEngineUtil.updatePermissionFields(name, primKey);
915 }
916 }
917
918 protected void addResources_1to5(
919 long companyId, long groupId, long userId, Resource resource,
920 boolean portletActions)
921 throws PortalException, SystemException {
922
923 List<Permission> permissionsList =
924 permissionLocalService.addPermissions(
925 companyId, resource.getName(), resource.getResourceId(),
926 portletActions);
927
928 PermissionsListFilter permissionsListFilter =
929 PermissionsListFilterFactory.getInstance();
930
931 List<Permission> userPermissionsList =
932 permissionsListFilter.filterUserPermissions(
933 companyId, groupId, userId, resource.getName(),
934 resource.getPrimKey(), portletActions, permissionsList);
935
936 filterOwnerPermissions(resource.getName(), userPermissionsList);
937
938 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
939
940
941
942 Role ownerRole = roleLocalService.getRole(
943 companyId, RoleConstants.OWNER);
944
945 rolePersistence.addPermissions(
946 ownerRole.getRoleId(), userPermissionsList);
947 }
948 else {
949
950
951
952 long defaultUserId = userLocalService.getDefaultUserId(companyId);
953
954 if ((userId > 0) && (userId != defaultUserId)) {
955 userPersistence.addPermissions(userId, userPermissionsList);
956 }
957 }
958 }
959
960 protected void addResources_6(
961 long companyId, long groupId, long userId, Resource resource,
962 boolean portletActions, PermissionedModel permissionedModel)
963 throws PortalException, SystemException {
964
965 List<String> actionIds = null;
966
967 if (portletActions) {
968 actionIds = ResourceActionsUtil.getPortletResourceActions(
969 resource.getName());
970 }
971 else {
972 actionIds = ResourceActionsUtil.getModelResourceActions(
973 resource.getName());
974
975 actionIds = ListUtil.copy(actionIds);
976
977 filterOwnerActions(resource.getName(), actionIds);
978 }
979
980 Role role = roleLocalService.getRole(companyId, RoleConstants.OWNER);
981
982 if (resourceBlockLocalService.isSupported(resource.getName())) {
983 if (permissionedModel == null) {
984 throw new IllegalArgumentException(
985 "Permissioned model is null");
986 }
987
988
989
990 resourceBlockLocalService.setIndividualScopePermissions(
991 resource.getCompanyId(), groupId, resource.getName(),
992 permissionedModel, role.getRoleId(), actionIds);
993 }
994 else {
995 resourcePermissionLocalService.setOwnerResourcePermissions(
996 resource.getCompanyId(), resource.getName(),
997 resource.getScope(), resource.getPrimKey(), role.getRoleId(),
998 userId, actionIds.toArray(new String[actionIds.size()]));
999 }
1000 }
1001
1002 protected void deleteResource(
1003 long companyId, String name, int scope, String primKey,
1004 PermissionedModel permissionedModel)
1005 throws PortalException, SystemException{
1006
1007 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
1008 if (resourceBlockLocalService.isSupported(name)) {
1009 if (permissionedModel == null) {
1010 throw new IllegalArgumentException(
1011 "Permissioned model is null");
1012 }
1013
1014 resourceBlockLocalService.releasePermissionedModelResourceBlock(
1015 permissionedModel);
1016
1017 return;
1018 }
1019 else {
1020 resourcePermissionLocalService.deleteResourcePermissions(
1021 companyId, name, scope, primKey);
1022
1023 return;
1024 }
1025 }
1026
1027 try {
1028 Resource resource = getResource(companyId, name, scope, primKey);
1029
1030 deleteResource(resource.getResourceId());
1031 }
1032 catch (NoSuchResourceException nsre) {
1033 if (_log.isWarnEnabled()) {
1034 _log.warn(nsre);
1035 }
1036 }
1037 }
1038
1039 protected Resource fetchResource_1to5(
1040 long companyId, String name, int scope, String primKey)
1041 throws SystemException {
1042
1043 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
1044 companyId, name, scope);
1045
1046 return resourcePersistence.fetchByC_P(
1047 resourceCode.getCodeId(), primKey);
1048 }
1049
1050 protected void filterOwnerActions(String name, List<String> actionIds) {
1051 List<String> defaultOwnerActions =
1052 ResourceActionsUtil.getModelResourceOwnerDefaultActions(name);
1053
1054 if (defaultOwnerActions.isEmpty()) {
1055 return;
1056 }
1057
1058 Iterator<String> itr = actionIds.iterator();
1059
1060 while (itr.hasNext()) {
1061 String actionId = itr.next();
1062
1063 if (!defaultOwnerActions.contains(actionId)) {
1064 itr.remove();
1065 }
1066 }
1067 }
1068
1069 protected void filterOwnerPermissions(
1070 String name, List<Permission> permissions) {
1071
1072 List<String> defaultOwnerActions =
1073 ResourceActionsUtil.getModelResourceOwnerDefaultActions(name);
1074
1075 if (defaultOwnerActions.isEmpty()) {
1076 return;
1077 }
1078
1079 Iterator<Permission> itr = permissions.iterator();
1080
1081 while (itr.hasNext()) {
1082 Permission permission = itr.next();
1083
1084 String actionId = permission.getActionId();
1085
1086 if (!defaultOwnerActions.contains(actionId)) {
1087 itr.remove();
1088 }
1089 }
1090 }
1091
1092 protected long getGroupId(AuditedModel auditedModel) {
1093 long groupId = 0;
1094
1095 if (auditedModel instanceof GroupedModel) {
1096 GroupedModel groupedModel = (GroupedModel)auditedModel;
1097
1098 groupId = groupedModel.getGroupId();
1099 }
1100
1101 return groupId;
1102 }
1103
1104 protected PermissionedModel getPermissionedModel(
1105 AuditedModel auditedModel) {
1106
1107 PermissionedModel permissionedModel = null;
1108
1109 if (auditedModel instanceof PermissionedModel) {
1110 permissionedModel = (PermissionedModel)auditedModel;
1111 }
1112
1113 return permissionedModel;
1114 }
1115
1116 protected Resource getResource_1to5(
1117 long companyId, String name, int scope, String primKey)
1118 throws PortalException, SystemException {
1119
1120 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
1121 companyId, name, scope);
1122
1123 return resourcePersistence.findByC_P(resourceCode.getCodeId(), primKey);
1124 }
1125
1126 protected Resource getResource_6(
1127 long companyId, String name, int scope, String primKey) {
1128
1129 Resource resource = new ResourceImpl();
1130
1131 resource.setCompanyId(companyId);
1132 resource.setName(name);
1133 resource.setScope(scope);
1134 resource.setPrimKey(primKey);
1135
1136 return resource;
1137 }
1138
1139 protected void updateResources(
1140 long companyId, long groupId, String name, String primKey,
1141 String[] groupPermissions, String[] guestPermissions,
1142 PermissionedModel permissionedModel)
1143 throws PortalException, SystemException {
1144
1145 Resource resource = getResource(
1146 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
1147
1148 if (groupPermissions == null) {
1149 groupPermissions = new String[0];
1150 }
1151
1152 if (guestPermissions == null) {
1153 guestPermissions = new String[0];
1154 }
1155
1156 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
1157 if (resourceBlockLocalService.isSupported(name)) {
1158 updateResources_6Blocks(
1159 companyId, groupId, resource, groupPermissions,
1160 guestPermissions, permissionedModel);
1161 }
1162 else {
1163 updateResources_6(
1164 companyId, groupId, resource, groupPermissions,
1165 guestPermissions);
1166 }
1167 }
1168 else {
1169 updateResources_1to5(
1170 companyId, groupId, resource, groupPermissions,
1171 guestPermissions);
1172 }
1173 }
1174
1175 protected void updateResources_1to5(
1176 long companyId, long groupId, Resource resource,
1177 String[] groupPermissions, String[] guestPermissions)
1178 throws PortalException, SystemException {
1179
1180 Role role = roleLocalService.getDefaultGroupRole(groupId);
1181
1182 permissionLocalService.setRolePermissions(
1183 role.getRoleId(), groupPermissions, resource.getResourceId());
1184
1185 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1186
1187 permissionLocalService.setRolePermissions(
1188 role.getRoleId(), guestPermissions, resource.getResourceId());
1189 }
1190
1191 protected void updateResources_1to5(
1192 long companyId, String name, int scope, String primKey,
1193 String newPrimKey)
1194 throws PortalException, SystemException {
1195
1196 Resource resource = getResource(companyId, name, scope, primKey);
1197
1198 resource.setPrimKey(newPrimKey);
1199
1200 resourcePersistence.update(resource, false);
1201 }
1202
1203 protected void updateResources_6(
1204 long companyId, long groupId, Resource resource,
1205 String[] groupPermissions, String[] guestPermissions)
1206 throws PortalException, SystemException {
1207
1208 Role role = roleLocalService.getDefaultGroupRole(groupId);
1209
1210 resourcePermissionLocalService.setResourcePermissions(
1211 resource.getCompanyId(), resource.getName(), resource.getScope(),
1212 resource.getPrimKey(), role.getRoleId(), groupPermissions);
1213
1214 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1215
1216 resourcePermissionLocalService.setResourcePermissions(
1217 resource.getCompanyId(), resource.getName(), resource.getScope(),
1218 resource.getPrimKey(), role.getRoleId(), guestPermissions);
1219 }
1220
1221 protected void updateResources_6(
1222 long companyId, String name, int scope, String primKey,
1223 String newPrimKey)
1224 throws SystemException {
1225
1226 List<ResourcePermission> resourcePermissions =
1227 resourcePermissionLocalService.getResourcePermissions(
1228 companyId, name, scope, primKey);
1229
1230 for (ResourcePermission resourcePermission : resourcePermissions) {
1231 resourcePermission.setPrimKey(newPrimKey);
1232
1233 resourcePermissionPersistence.update(resourcePermission, false);
1234 }
1235 }
1236
1237 protected void updateResources_6Blocks(
1238 long companyId, long groupId, Resource resource,
1239 String[] groupPermissions, String[] guestPermissions,
1240 PermissionedModel permissionedModel)
1241 throws PortalException, SystemException {
1242
1243 if (permissionedModel == null) {
1244 throw new IllegalArgumentException("Permissioned model is null");
1245 }
1246
1247
1248
1249 Role role = roleLocalService.getDefaultGroupRole(groupId);
1250
1251 resourceBlockLocalService.setIndividualScopePermissions(
1252 companyId, groupId, resource.getName(), permissionedModel,
1253 role.getRoleId(), Arrays.asList(groupPermissions));
1254
1255 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1256
1257 resourceBlockLocalService.setIndividualScopePermissions(
1258 companyId, groupId, resource.getName(), permissionedModel,
1259 role.getRoleId(), Arrays.asList(guestPermissions));
1260 }
1261
1262 protected void validate(String name, boolean portletActions)
1263 throws PortalException {
1264
1265 List<String> actions = null;
1266
1267 if (portletActions) {
1268 actions = ResourceActionsUtil.getPortletResourceActions(name);
1269 }
1270 else {
1271 actions = ResourceActionsUtil.getModelResourceActions(name);
1272 }
1273
1274 if (actions.size() == 0) {
1275 throw new ResourceActionsException(
1276 "There are no actions associated with the resource " + name);
1277 }
1278 }
1279
1280 private static Log _log = LogFactoryUtil.getLog(
1281 ResourceLocalServiceImpl.class);
1282
1283 }