001    /**
002     * Copyright (c) 2000-2011 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.permission;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.kernel.log.Log;
020    import com.liferay.portal.kernel.log.LogFactoryUtil;
021    import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
022    import com.liferay.portal.model.Group;
023    import com.liferay.portal.model.Layout;
024    import com.liferay.portal.model.LayoutTypePortlet;
025    import com.liferay.portal.model.Portlet;
026    import com.liferay.portal.model.PortletConstants;
027    import com.liferay.portal.model.impl.VirtualLayout;
028    import com.liferay.portal.security.auth.PrincipalException;
029    import com.liferay.portal.security.permission.ActionKeys;
030    import com.liferay.portal.security.permission.PermissionChecker;
031    import com.liferay.portal.security.permission.ResourceActionsUtil;
032    import com.liferay.portal.service.LayoutLocalServiceUtil;
033    import com.liferay.portal.service.PortletLocalServiceUtil;
034    import com.liferay.portal.util.PropsValues;
035    import com.liferay.portlet.sites.util.SitesUtil;
036    
037    import java.util.Collection;
038    import java.util.List;
039    
040    /**
041     * @author Brian Wing Shun Chan
042     * @author Raymond Augé
043     */
044    public class PortletPermissionImpl implements PortletPermission {
045    
046            public static final boolean DEFAULT_STRICT = false;
047    
048            public void check(
049                            PermissionChecker permissionChecker, Layout layout,
050                            String portletId, String actionId)
051                    throws PortalException, SystemException {
052    
053                    if (!contains(
054                                    permissionChecker, 0, layout, portletId, actionId,
055                                    DEFAULT_STRICT)) {
056    
057                            throw new PrincipalException();
058                    }
059            }
060    
061            public void check(
062                            PermissionChecker permissionChecker, Layout layout,
063                            String portletId, String actionId, boolean strict)
064                    throws PortalException, SystemException {
065    
066                    if (!contains(
067                                    permissionChecker, 0, layout, portletId, actionId, strict)) {
068    
069                            throw new PrincipalException();
070                    }
071            }
072    
073            public void check(
074                            PermissionChecker permissionChecker, long groupId, Layout layout,
075                            String portletId, String actionId)
076                    throws PortalException, SystemException {
077    
078                    if (!contains(
079                                    permissionChecker, groupId, layout, portletId, actionId,
080                                    DEFAULT_STRICT)) {
081    
082                            throw new PrincipalException();
083                    }
084            }
085    
086            public void check(
087                            PermissionChecker permissionChecker, long groupId, Layout layout,
088                            String portletId, String actionId, boolean strict)
089                    throws PortalException, SystemException {
090    
091                    if (!contains(
092                                    permissionChecker, groupId, layout, portletId, actionId,
093                                    strict)) {
094    
095                            throw new PrincipalException();
096                    }
097            }
098    
099            public void check(
100                            PermissionChecker permissionChecker, long groupId, long plid,
101                            String portletId, String actionId)
102                    throws PortalException, SystemException {
103    
104                    check(
105                            permissionChecker, groupId, plid, portletId, actionId,
106                            DEFAULT_STRICT);
107            }
108    
109            public void check(
110                            PermissionChecker permissionChecker, long groupId, long plid,
111                            String portletId, String actionId, boolean strict)
112                    throws PortalException, SystemException {
113    
114                    if (!contains(
115                                    permissionChecker, groupId, plid, portletId, actionId,
116                                    strict)) {
117    
118                            throw new PrincipalException();
119                    }
120            }
121    
122            public void check(
123                            PermissionChecker permissionChecker, long plid, String portletId,
124                            String actionId)
125                    throws PortalException, SystemException {
126    
127                    check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
128            }
129    
130            public void check(
131                            PermissionChecker permissionChecker, long plid, String portletId,
132                            String actionId, boolean strict)
133                    throws PortalException, SystemException {
134    
135                    if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
136                            throw new PrincipalException();
137                    }
138            }
139    
140            public void check(
141                            PermissionChecker permissionChecker, String portletId,
142                            String actionId)
143                    throws PortalException, SystemException {
144    
145                    if (!contains(permissionChecker, portletId, actionId)) {
146                            throw new PrincipalException();
147                    }
148            }
149    
150            public boolean contains(
151                            PermissionChecker permissionChecker, Layout layout, Portlet portlet,
152                            String actionId)
153                    throws PortalException, SystemException {
154    
155                    return contains(
156                            permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
157            }
158    
159            public boolean contains(
160                            PermissionChecker permissionChecker, Layout layout, Portlet portlet,
161                            String actionId, boolean strict)
162                    throws PortalException, SystemException {
163    
164                    return contains(
165                            permissionChecker, 0, layout, portlet, actionId, strict);
166            }
167    
168            public boolean contains(
169                            PermissionChecker permissionChecker, Layout layout,
170                            String portletId, String actionId)
171                    throws PortalException, SystemException {
172    
173                    return contains(
174                            permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
175            }
176    
177            public boolean contains(
178                            PermissionChecker permissionChecker, Layout layout,
179                            String portletId, String actionId, boolean strict)
180                    throws PortalException, SystemException {
181    
182                    return contains(
183                            permissionChecker, 0, layout, portletId, actionId, strict);
184            }
185    
186            public boolean contains(
187                            PermissionChecker permissionChecker, long groupId, Layout layout,
188                            Portlet portlet, String actionId)
189                    throws PortalException, SystemException {
190    
191                    return contains(
192                            permissionChecker, groupId, layout, portlet, actionId,
193                            DEFAULT_STRICT);
194            }
195    
196            public boolean contains(
197                            PermissionChecker permissionChecker, long groupId, Layout layout,
198                            Portlet portlet, String actionId, boolean strict)
199                    throws PortalException, SystemException {
200    
201                    if (portlet.isUndeployedPortlet()) {
202                            return false;
203                    }
204    
205                    boolean value = contains(
206                            permissionChecker, groupId, layout, portlet.getPortletId(),
207                            actionId, strict);
208    
209                    if (value) {
210                            return true;
211                    }
212                    else {
213                            if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
214                                    return true;
215                            }
216                            else {
217                                    return false;
218                            }
219                    }
220            }
221    
222            public boolean contains(
223                            PermissionChecker permissionChecker, long groupId, Layout layout,
224                            String portletId, String actionId)
225                    throws PortalException, SystemException {
226    
227                    return contains(
228                            permissionChecker, groupId, layout, portletId, actionId,
229                            DEFAULT_STRICT);
230            }
231    
232            public boolean contains(
233                            PermissionChecker permissionChecker, long groupId, Layout layout,
234                            String portletId, String actionId, boolean strict)
235                    throws PortalException, SystemException {
236    
237                    String name = null;
238                    String primKey = null;
239    
240                    if (layout == null) {
241                            name = portletId;
242                            primKey = portletId;
243    
244                            return permissionChecker.hasPermission(
245                                    groupId, name, primKey, actionId);
246                    }
247    
248                    Group group = layout.getGroup();
249    
250                    groupId = group.getGroupId();
251    
252                    name = PortletConstants.getRootPortletId(portletId);
253                    primKey = getPrimaryKey(layout.getPlid(), portletId);
254    
255                    if (!actionId.equals(ActionKeys.VIEW) &&
256                            (layout instanceof VirtualLayout)) {
257    
258                            return hasCustomizePermission(
259                                    permissionChecker, layout, portletId, actionId);
260                    }
261    
262                    if (!group.isLayoutSetPrototype() &&
263                            !SitesUtil.isLayoutUpdateable(layout) &&
264                            actionId.equals(ActionKeys.CONFIGURATION)) {
265    
266                            return false;
267                    }
268    
269                    Boolean hasPermission = StagingPermissionUtil.hasPermission(
270                            permissionChecker, groupId, name, groupId, name, actionId);
271    
272                    if (hasPermission != null) {
273                            return hasPermission.booleanValue();
274                    }
275    
276                    if ((layout.isPrivateLayout() &&
277                             !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
278                            (layout.isPublicLayout() &&
279                             !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
280    
281                            if (actionId.equals(ActionKeys.CONFIGURATION) &&
282                                    group.isUser()) {
283    
284                                    return false;
285                            }
286                    }
287    
288                    if (actionId.equals(ActionKeys.VIEW) && group.isControlPanel()) {
289                            return true;
290                    }
291    
292                    if (strict) {
293                            return permissionChecker.hasPermission(
294                                    groupId, name, primKey, actionId);
295                    }
296    
297                    if (hasConfigurePermission(
298                                    permissionChecker, layout, portletId, actionId) ||
299                            hasCustomizePermission(
300                                    permissionChecker, layout, portletId, actionId)) {
301    
302                            return true;
303                    }
304    
305                    return permissionChecker.hasPermission(
306                            groupId, name, primKey, actionId);
307            }
308    
309            public boolean contains(
310                    PermissionChecker permissionChecker, long groupId, long plid,
311                    Collection<Portlet> portlets, String actionId) {
312    
313                    for (Portlet portlet : portlets) {
314                            if (permissionChecker.hasPermission(
315                                            groupId, portlet.getPortletId(), portlet.getPortletId(),
316                                            ActionKeys.ACCESS_IN_CONTROL_PANEL)) {
317    
318                                    return true;
319                            }
320                    }
321    
322                    return false;
323            }
324    
325            public boolean contains(
326                            PermissionChecker permissionChecker, long groupId, long plid,
327                            Portlet portlet, String actionId)
328                    throws PortalException, SystemException {
329    
330                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
331    
332                    return contains(
333                            permissionChecker, groupId, layout, portlet, actionId,
334                            DEFAULT_STRICT);
335            }
336    
337            public boolean contains(
338                            PermissionChecker permissionChecker, long groupId, long plid,
339                            Portlet portlet, String actionId, boolean strict)
340                    throws PortalException, SystemException {
341    
342                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
343    
344                    return contains(
345                            permissionChecker, groupId, layout, portlet, actionId, strict);
346            }
347    
348            public boolean contains(
349                            PermissionChecker permissionChecker, long groupId, long plid,
350                            String portletId, String actionId)
351                    throws PortalException, SystemException {
352    
353                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
354    
355                    return contains(
356                            permissionChecker, groupId, layout, portletId, actionId,
357                            DEFAULT_STRICT);
358            }
359    
360            public boolean contains(
361                            PermissionChecker permissionChecker, long groupId, long plid,
362                            String portletId, String actionId, boolean strict)
363                    throws PortalException, SystemException {
364    
365                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
366    
367                    return contains(
368                            permissionChecker, groupId, layout, portletId, actionId, strict);
369            }
370    
371            public boolean contains(
372                            PermissionChecker permissionChecker, long plid, Portlet portlet,
373                            String actionId)
374                    throws PortalException, SystemException {
375    
376                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
377    
378                    return contains(
379                            permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
380            }
381    
382            public boolean contains(
383                            PermissionChecker permissionChecker, long plid, Portlet portlet,
384                            String actionId, boolean strict)
385                    throws PortalException, SystemException {
386    
387                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
388    
389                    return contains(
390                            permissionChecker, 0, layout, portlet, actionId, strict);
391            }
392    
393            public boolean contains(
394                            PermissionChecker permissionChecker, long plid, String portletId,
395                            String actionId)
396                    throws PortalException, SystemException {
397    
398                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
399    
400                    return contains(
401                            permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
402            }
403    
404            public boolean contains(
405                            PermissionChecker permissionChecker, long plid, String portletId,
406                            String actionId, boolean strict)
407                    throws PortalException, SystemException {
408    
409                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
410    
411                    return contains(
412                            permissionChecker, 0, layout, portletId, actionId, strict);
413            }
414    
415            public boolean contains(
416                            PermissionChecker permissionChecker, String portletId,
417                            String actionId)
418                    throws PortalException, SystemException {
419    
420                    return contains(permissionChecker, 0, portletId, actionId);
421            }
422    
423            public String getPrimaryKey(long plid, String portletId) {
424                    return String.valueOf(plid).concat(
425                            PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
426            }
427    
428            public boolean hasLayoutManagerPermission(
429                    String portletId, String actionId) {
430    
431                    try {
432                            portletId = PortletConstants.getRootPortletId(portletId);
433    
434                            List<String> layoutManagerActions =
435                                    ResourceActionsUtil.getPortletResourceLayoutManagerActions(
436                                            portletId);
437    
438                            return layoutManagerActions.contains(actionId);
439                    }
440                    catch (Exception e) {
441                            _log.error(e, e);
442    
443                            return false;
444                    }
445            }
446    
447            protected boolean hasConfigurePermission(
448                            PermissionChecker permissionChecker, Layout layout,
449                            String portletId, String actionId)
450                    throws PortalException, SystemException {
451    
452                    if (!actionId.equals(ActionKeys.CONFIGURATION)) {
453                            return false;
454                    }
455    
456                    Portlet portlet = PortletLocalServiceUtil.getPortletById(
457                            layout.getCompanyId(), portletId);
458    
459                    if (portlet.isPreferencesUniquePerLayout()) {
460                            return LayoutPermissionUtil.contains(
461                                    permissionChecker, layout, ActionKeys.CONFIGURE_PORTLETS);
462                    }
463    
464                    return GroupPermissionUtil.contains(
465                            permissionChecker, layout.getGroupId(),
466                            ActionKeys.CONFIGURE_PORTLETS);
467            }
468    
469            protected boolean hasCustomizePermission(
470                            PermissionChecker permissionChecker, Layout layout,
471                            String portletId, String actionId)
472                    throws PortalException, SystemException {
473    
474                    LayoutTypePortlet layoutTypePortlet =
475                            (LayoutTypePortlet)layout.getLayoutType();
476    
477                    if (layoutTypePortlet.isCustomizedView() &&
478                            layoutTypePortlet.isPortletCustomizable(portletId) &&
479                            LayoutPermissionUtil.contains(
480                                    permissionChecker, layout, ActionKeys.CUSTOMIZE)) {
481    
482                            if (actionId.equals(ActionKeys.VIEW)) {
483                                    return true;
484                            }
485                            else if (actionId.equals(ActionKeys.CONFIGURATION)) {
486                                    Portlet portlet = PortletLocalServiceUtil.getPortletById(
487                                            layout.getCompanyId(), portletId);
488    
489                                    if (portlet.isPreferencesUniquePerLayout()) {
490                                            return true;
491                                    }
492                            }
493                    }
494    
495                    return false;
496            }
497    
498            private static Log _log = LogFactoryUtil.getLog(
499                    PortletPermissionImpl.class);
500    
501    }