001
014
015 package com.liferay.portal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.log.Log;
020 import com.liferay.portal.kernel.log.LogFactoryUtil;
021 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
022 import com.liferay.portal.kernel.util.Validator;
023 import com.liferay.portal.model.Group;
024 import com.liferay.portal.model.Layout;
025 import com.liferay.portal.model.LayoutTypePortlet;
026 import com.liferay.portal.model.Portlet;
027 import com.liferay.portal.model.PortletConstants;
028 import com.liferay.portal.model.impl.VirtualLayout;
029 import com.liferay.portal.security.auth.PrincipalException;
030 import com.liferay.portal.security.permission.ActionKeys;
031 import com.liferay.portal.security.permission.PermissionChecker;
032 import com.liferay.portal.security.permission.ResourceActionsUtil;
033 import com.liferay.portal.service.LayoutLocalServiceUtil;
034 import com.liferay.portal.service.PortletLocalServiceUtil;
035 import com.liferay.portal.util.PortletCategoryKeys;
036 import com.liferay.portal.util.PropsValues;
037 import com.liferay.portlet.sites.util.SitesUtil;
038
039 import java.util.Collection;
040 import java.util.List;
041
042 import javax.portlet.PortletMode;
043
044
048 public class PortletPermissionImpl implements PortletPermission {
049
050 public static final boolean DEFAULT_STRICT = false;
051
052 @Override
053 public void check(
054 PermissionChecker permissionChecker, Layout layout,
055 String portletId, String actionId)
056 throws PortalException, SystemException {
057
058 if (!contains(
059 permissionChecker, 0, layout, portletId, actionId,
060 DEFAULT_STRICT)) {
061
062 throw new PrincipalException();
063 }
064 }
065
066 @Override
067 public void check(
068 PermissionChecker permissionChecker, Layout layout,
069 String portletId, String actionId, boolean strict)
070 throws PortalException, SystemException {
071
072 if (!contains(
073 permissionChecker, 0, layout, portletId, actionId, strict)) {
074
075 throw new PrincipalException();
076 }
077 }
078
079 @Override
080 public void check(
081 PermissionChecker permissionChecker, long groupId, Layout layout,
082 String portletId, String actionId)
083 throws PortalException, SystemException {
084
085 if (!contains(
086 permissionChecker, groupId, layout, portletId, actionId,
087 DEFAULT_STRICT)) {
088
089 throw new PrincipalException();
090 }
091 }
092
093 @Override
094 public void check(
095 PermissionChecker permissionChecker, long groupId, Layout layout,
096 String portletId, String actionId, boolean strict)
097 throws PortalException, SystemException {
098
099 if (!contains(
100 permissionChecker, groupId, layout, portletId, actionId,
101 strict)) {
102
103 throw new PrincipalException();
104 }
105 }
106
107 @Override
108 public void check(
109 PermissionChecker permissionChecker, long groupId, long plid,
110 String portletId, String actionId)
111 throws PortalException, SystemException {
112
113 check(
114 permissionChecker, groupId, plid, portletId, actionId,
115 DEFAULT_STRICT);
116 }
117
118 @Override
119 public void check(
120 PermissionChecker permissionChecker, long groupId, long plid,
121 String portletId, String actionId, boolean strict)
122 throws PortalException, SystemException {
123
124 if (!contains(
125 permissionChecker, groupId, plid, portletId, actionId,
126 strict)) {
127
128 throw new PrincipalException();
129 }
130 }
131
132 @Override
133 public void check(
134 PermissionChecker permissionChecker, long plid, String portletId,
135 String actionId)
136 throws PortalException, SystemException {
137
138 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
139 }
140
141 @Override
142 public void check(
143 PermissionChecker permissionChecker, long plid, String portletId,
144 String actionId, boolean strict)
145 throws PortalException, SystemException {
146
147 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
148 throw new PrincipalException();
149 }
150 }
151
152 @Override
153 public void check(
154 PermissionChecker permissionChecker, String portletId,
155 String actionId)
156 throws PortalException, SystemException {
157
158 if (!contains(permissionChecker, portletId, actionId)) {
159 throw new PrincipalException();
160 }
161 }
162
163 @Override
164 public boolean contains(
165 PermissionChecker permissionChecker, Layout layout, Portlet portlet,
166 String actionId)
167 throws PortalException, SystemException {
168
169 return contains(
170 permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
171 }
172
173 @Override
174 public boolean contains(
175 PermissionChecker permissionChecker, Layout layout, Portlet portlet,
176 String actionId, boolean strict)
177 throws PortalException, SystemException {
178
179 return contains(
180 permissionChecker, 0, layout, portlet, actionId, strict);
181 }
182
183 @Override
184 public boolean contains(
185 PermissionChecker permissionChecker, Layout layout,
186 String portletId, String actionId)
187 throws PortalException, SystemException {
188
189 return contains(
190 permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
191 }
192
193 @Override
194 public boolean contains(
195 PermissionChecker permissionChecker, Layout layout,
196 String portletId, String actionId, boolean strict)
197 throws PortalException, SystemException {
198
199 return contains(
200 permissionChecker, 0, layout, portletId, actionId, strict);
201 }
202
203 @Override
204 public boolean contains(
205 PermissionChecker permissionChecker, long groupId, Layout layout,
206 Portlet portlet, String actionId)
207 throws PortalException, SystemException {
208
209 return contains(
210 permissionChecker, groupId, layout, portlet, actionId,
211 DEFAULT_STRICT);
212 }
213
214 @Override
215 public boolean contains(
216 PermissionChecker permissionChecker, long groupId, Layout layout,
217 Portlet portlet, String actionId, boolean strict)
218 throws PortalException, SystemException {
219
220 if (portlet.isUndeployedPortlet()) {
221 return false;
222 }
223
224 if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
225 return true;
226 }
227
228 return contains(
229 permissionChecker, groupId, layout, portlet.getPortletId(),
230 actionId, strict);
231 }
232
233 @Override
234 public boolean contains(
235 PermissionChecker permissionChecker, long groupId, Layout layout,
236 String portletId, String actionId)
237 throws PortalException, SystemException {
238
239 return contains(
240 permissionChecker, groupId, layout, portletId, actionId,
241 DEFAULT_STRICT);
242 }
243
244 @Override
245 public boolean contains(
246 PermissionChecker permissionChecker, long groupId, Layout layout,
247 String portletId, String actionId, boolean strict)
248 throws PortalException, SystemException {
249
250 String name = null;
251 String primKey = null;
252
253 if (layout == null) {
254 name = portletId;
255 primKey = portletId;
256
257 return permissionChecker.hasPermission(
258 groupId, name, primKey, actionId);
259 }
260
261 Group group = layout.getGroup();
262
263 groupId = group.getGroupId();
264
265 name = PortletConstants.getRootPortletId(portletId);
266 primKey = getPrimaryKey(layout.getPlid(), portletId);
267
268 if (!actionId.equals(ActionKeys.VIEW) &&
269 (layout instanceof VirtualLayout)) {
270
271 return hasCustomizePermission(
272 permissionChecker, layout, portletId, actionId);
273 }
274
275 if (!group.isLayoutSetPrototype() &&
276 !SitesUtil.isLayoutUpdateable(layout) &&
277 actionId.equals(ActionKeys.CONFIGURATION)) {
278
279 return false;
280 }
281
282 Boolean hasPermission = StagingPermissionUtil.hasPermission(
283 permissionChecker, groupId, name, groupId, name, actionId);
284
285 if (hasPermission != null) {
286 return hasPermission.booleanValue();
287 }
288
289 if (actionId.equals(ActionKeys.VIEW) && group.isControlPanel()) {
290 return true;
291 }
292
293 if (strict) {
294 return permissionChecker.hasPermission(
295 groupId, name, primKey, actionId);
296 }
297
298 if (hasConfigurePermission(
299 permissionChecker, layout, portletId, actionId) ||
300 hasCustomizePermission(
301 permissionChecker, layout, portletId, actionId)) {
302
303 return true;
304 }
305
306 return permissionChecker.hasPermission(
307 groupId, name, primKey, actionId);
308 }
309
310 @Override
311 public boolean contains(
312 PermissionChecker permissionChecker, long groupId, long plid,
313 Collection<Portlet> portlets, String actionId) {
314
315 for (Portlet portlet : portlets) {
316 if (permissionChecker.hasPermission(
317 groupId, portlet.getPortletId(), portlet.getPortletId(),
318 ActionKeys.ACCESS_IN_CONTROL_PANEL)) {
319
320 return true;
321 }
322 }
323
324 return false;
325 }
326
327 public boolean contains(
328 PermissionChecker permissionChecker, long groupId, long plid,
329 Portlet portlet, String actionId)
330 throws PortalException, SystemException {
331
332 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
333
334 return contains(
335 permissionChecker, groupId, layout, portlet, actionId,
336 DEFAULT_STRICT);
337 }
338
339 @Override
340 public boolean contains(
341 PermissionChecker permissionChecker, long groupId, long plid,
342 Portlet portlet, String actionId, boolean strict)
343 throws PortalException, SystemException {
344
345 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
346
347 return contains(
348 permissionChecker, groupId, layout, portlet, actionId, strict);
349 }
350
351 public boolean contains(
352 PermissionChecker permissionChecker, long groupId, long plid,
353 String portletId, String actionId)
354 throws PortalException, SystemException {
355
356 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
357
358 return contains(
359 permissionChecker, groupId, layout, portletId, actionId,
360 DEFAULT_STRICT);
361 }
362
363 @Override
364 public boolean contains(
365 PermissionChecker permissionChecker, long groupId, long plid,
366 String portletId, String actionId, boolean strict)
367 throws PortalException, SystemException {
368
369 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
370
371 return contains(
372 permissionChecker, groupId, layout, portletId, actionId, strict);
373 }
374
375 @Override
376 public boolean contains(
377 PermissionChecker permissionChecker, long plid, Portlet portlet,
378 String actionId)
379 throws PortalException, SystemException {
380
381 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
382
383 return contains(
384 permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
385 }
386
387 @Override
388 public boolean contains(
389 PermissionChecker permissionChecker, long plid, Portlet portlet,
390 String actionId, boolean strict)
391 throws PortalException, SystemException {
392
393 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
394
395 return contains(
396 permissionChecker, 0, layout, portlet, actionId, strict);
397 }
398
399 @Override
400 public boolean contains(
401 PermissionChecker permissionChecker, long plid, String portletId,
402 String actionId)
403 throws PortalException, SystemException {
404
405 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
406
407 return contains(
408 permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
409 }
410
411 @Override
412 public boolean contains(
413 PermissionChecker permissionChecker, long plid, String portletId,
414 String actionId, boolean strict)
415 throws PortalException, SystemException {
416
417 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
418
419 return contains(
420 permissionChecker, 0, layout, portletId, actionId, strict);
421 }
422
423 @Override
424 public boolean contains(
425 PermissionChecker permissionChecker, String portletId,
426 String actionId)
427 throws PortalException, SystemException {
428
429 return contains(permissionChecker, 0, portletId, actionId);
430 }
431
432 @Override
433 public String getPrimaryKey(long plid, String portletId) {
434 return String.valueOf(plid).concat(
435 PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
436 }
437
438 @Override
439 public boolean hasAccessPermission(
440 PermissionChecker permissionChecker, long scopeGroupId,
441 Layout layout, Portlet portlet, PortletMode portletMode)
442 throws PortalException, SystemException {
443
444 if ((layout != null) && layout.isTypeControlPanel()) {
445 String category = portlet.getControlPanelEntryCategory();
446
447 if (Validator.equals(category, PortletCategoryKeys.CONTENT)) {
448 layout = null;
449 }
450 }
451
452 boolean access = contains(
453 permissionChecker, scopeGroupId, layout, portlet, ActionKeys.VIEW);
454
455 if (access && !PropsValues.TCK_URL &&
456 portletMode.equals(PortletMode.EDIT)) {
457
458 access = contains(
459 permissionChecker, scopeGroupId, layout, portlet,
460 ActionKeys.PREFERENCES);
461 }
462
463 return access;
464 }
465
466 @Override
467 public boolean hasConfigurationPermission(
468 PermissionChecker permissionChecker, long groupId, Layout layout,
469 String actionId)
470 throws PortalException, SystemException {
471
472 LayoutTypePortlet layoutTypePortlet =
473 (LayoutTypePortlet)layout.getLayoutType();
474
475 for (Portlet portlet : layoutTypePortlet.getAllPortlets()) {
476 if (contains(
477 permissionChecker, groupId, layout, portlet.getPortletId(),
478 actionId)) {
479
480 return true;
481 }
482
483 if (contains(
484 permissionChecker, groupId, null,
485 portlet.getRootPortletId(), actionId)) {
486
487 return true;
488 }
489 }
490
491 return false;
492 }
493
494 @Override
495 public boolean hasLayoutManagerPermission(
496 String portletId, String actionId) {
497
498 try {
499 portletId = PortletConstants.getRootPortletId(portletId);
500
501 List<String> layoutManagerActions =
502 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
503 portletId);
504
505 return layoutManagerActions.contains(actionId);
506 }
507 catch (Exception e) {
508 _log.error(e, e);
509
510 return false;
511 }
512 }
513
514 protected boolean hasConfigurePermission(
515 PermissionChecker permissionChecker, Layout layout,
516 String portletId, String actionId)
517 throws PortalException, SystemException {
518
519 if (!actionId.equals(ActionKeys.CONFIGURATION) &&
520 !actionId.equals(ActionKeys.PREFERENCES) &&
521 !actionId.equals(ActionKeys.GUEST_PREFERENCES)) {
522
523 return false;
524 }
525
526 Portlet portlet = PortletLocalServiceUtil.getPortletById(
527 layout.getCompanyId(), portletId);
528
529 if (portlet.isPreferencesUniquePerLayout()) {
530 return LayoutPermissionUtil.contains(
531 permissionChecker, layout, ActionKeys.CONFIGURE_PORTLETS);
532 }
533
534 return GroupPermissionUtil.contains(
535 permissionChecker, layout.getGroupId(),
536 ActionKeys.CONFIGURE_PORTLETS);
537 }
538
539 protected boolean hasCustomizePermission(
540 PermissionChecker permissionChecker, Layout layout,
541 String portletId, String actionId)
542 throws PortalException, SystemException {
543
544 LayoutTypePortlet layoutTypePortlet =
545 (LayoutTypePortlet)layout.getLayoutType();
546
547 if (layoutTypePortlet.isCustomizedView() &&
548 layoutTypePortlet.isPortletCustomizable(portletId) &&
549 LayoutPermissionUtil.contains(
550 permissionChecker, layout, ActionKeys.CUSTOMIZE)) {
551
552 if (actionId.equals(ActionKeys.VIEW)) {
553 return true;
554 }
555 else if (actionId.equals(ActionKeys.CONFIGURATION)) {
556 Portlet portlet = PortletLocalServiceUtil.getPortletById(
557 layout.getCompanyId(), portletId);
558
559 if (portlet.isPreferencesUniquePerLayout()) {
560 return true;
561 }
562 }
563 }
564
565 return false;
566 }
567
568 private static Log _log = LogFactoryUtil.getLog(
569 PortletPermissionImpl.class);
570
571 }