001
014
015 package com.liferay.portlet.portletconfiguration.action;
016
017 import com.liferay.portal.kernel.servlet.SessionErrors;
018 import com.liferay.portal.kernel.util.GetterUtil;
019 import com.liferay.portal.kernel.util.ParamUtil;
020 import com.liferay.portal.kernel.util.StringUtil;
021 import com.liferay.portal.kernel.util.Validator;
022 import com.liferay.portal.model.Portlet;
023 import com.liferay.portal.model.PortletConstants;
024 import com.liferay.portal.security.auth.PrincipalException;
025 import com.liferay.portal.security.permission.PermissionPropagator;
026 import com.liferay.portal.service.PermissionServiceUtil;
027 import com.liferay.portal.service.PortletLocalServiceUtil;
028 import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
029 import com.liferay.portal.service.ResourceBlockServiceUtil;
030 import com.liferay.portal.service.ResourcePermissionServiceUtil;
031 import com.liferay.portal.theme.ThemeDisplay;
032 import com.liferay.portal.util.PropsValues;
033 import com.liferay.portal.util.WebKeys;
034
035 import java.util.ArrayList;
036 import java.util.Enumeration;
037 import java.util.HashMap;
038 import java.util.List;
039 import java.util.Map;
040
041 import javax.portlet.ActionRequest;
042 import javax.portlet.ActionResponse;
043 import javax.portlet.PortletConfig;
044 import javax.portlet.RenderRequest;
045 import javax.portlet.RenderResponse;
046
047 import org.apache.struts.action.ActionForm;
048 import org.apache.struts.action.ActionForward;
049 import org.apache.struts.action.ActionMapping;
050
051
055 public class EditPermissionsAction extends EditConfigurationAction {
056
057 @Override
058 public void processAction(
059 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
060 ActionRequest actionRequest, ActionResponse actionResponse)
061 throws Exception {
062
063 try {
064 updateRolePermissions(actionRequest);
065
066 addSuccessMessage(actionRequest, actionResponse);
067 }
068 catch (Exception e) {
069 if (e instanceof PrincipalException) {
070 SessionErrors.add(actionRequest, e.getClass());
071
072 setForward(
073 actionRequest, "portlet.portlet_configuration.error");
074 }
075 else {
076 throw e;
077 }
078 }
079 }
080
081 @Override
082 public ActionForward render(
083 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
084 RenderRequest renderRequest, RenderResponse renderResponse)
085 throws Exception {
086
087 ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
088 WebKeys.THEME_DISPLAY);
089
090 long groupId = themeDisplay.getScopeGroupId();
091
092 String portletResource = ParamUtil.getString(
093 renderRequest, "portletResource");
094 String modelResource = ParamUtil.getString(
095 renderRequest, "modelResource");
096 String resourcePrimKey = ParamUtil.getString(
097 renderRequest, "resourcePrimKey");
098
099 String selResource = portletResource;
100
101 if (Validator.isNotNull(modelResource)) {
102 selResource = modelResource;
103 }
104
105 try {
106 PermissionServiceUtil.checkPermission(
107 groupId, selResource, resourcePrimKey);
108 }
109 catch (PrincipalException pe) {
110 SessionErrors.add(
111 renderRequest, PrincipalException.class.getName());
112
113 setForward(renderRequest, "portlet.portlet_configuration.error");
114 }
115
116 Portlet portlet = PortletLocalServiceUtil.getPortletById(
117 themeDisplay.getCompanyId(), portletResource);
118
119 if (portlet != null) {
120 renderResponse.setTitle(getTitle(portlet, renderRequest));
121 }
122
123 return mapping.findForward(
124 getForward(
125 renderRequest,
126 "portlet.portlet_configuration.edit_permissions"));
127 }
128
129 protected String[] getActionIds(
130 ActionRequest actionRequest, long roleId, boolean includePreselected) {
131
132 List<String> actionIds = getActionIdsList(
133 actionRequest, roleId, includePreselected);
134
135 return actionIds.toArray(new String[actionIds.size()]);
136 }
137
138 protected List<String> getActionIdsList(
139 ActionRequest actionRequest, long roleId, boolean includePreselected) {
140
141 List<String> actionIds = new ArrayList<String>();
142
143 Enumeration<String> enu = actionRequest.getParameterNames();
144
145 while (enu.hasMoreElements()) {
146 String name = enu.nextElement();
147
148 if (name.startsWith(roleId + "_ACTION_")) {
149 int pos = name.indexOf("_ACTION_");
150
151 String actionId = name.substring(pos + 8);
152
153 actionIds.add(actionId);
154 }
155 else if (includePreselected &&
156 name.startsWith(roleId + "_PRESELECTED_")) {
157
158 int pos = name.indexOf("_PRESELECTED_");
159
160 String actionId = name.substring(pos + 13);
161
162 actionIds.add(actionId);
163 }
164 }
165
166 return actionIds;
167 }
168
169 protected void updateRolePermissions(ActionRequest actionRequest)
170 throws Exception {
171
172 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
173 WebKeys.THEME_DISPLAY);
174
175 String portletResource = ParamUtil.getString(
176 actionRequest, "portletResource");
177 String modelResource = ParamUtil.getString(
178 actionRequest, "modelResource");
179 long[] roleIds = StringUtil.split(
180 ParamUtil.getString(
181 actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
182
183 String selResource = PortletConstants.getRootPortletId(portletResource);
184
185 if (Validator.isNotNull(modelResource)) {
186 selResource = modelResource;
187 }
188
189 long resourceGroupId = ParamUtil.getLong(
190 actionRequest, "resourceGroupId", themeDisplay.getScopeGroupId());
191 String resourcePrimKey = ParamUtil.getString(
192 actionRequest, "resourcePrimKey");
193
194 Map<Long, String[]> roleIdsToActionIds = new HashMap<Long, String[]>();
195
196 if (ResourceBlockLocalServiceUtil.isSupported(selResource)) {
197 for (long roleId : roleIds) {
198 List<String> actionIds = getActionIdsList(
199 actionRequest, roleId, true);
200
201 roleIdsToActionIds.put(
202 roleId, actionIds.toArray(new String[actionIds.size()]));
203 }
204
205 ResourceBlockServiceUtil.setIndividualScopePermissions(
206 themeDisplay.getCompanyId(), resourceGroupId, selResource,
207 GetterUtil.getLong(resourcePrimKey), roleIdsToActionIds);
208 }
209 else {
210 for (long roleId : roleIds) {
211 String[] actionIds = getActionIds(actionRequest, roleId, false);
212
213 roleIdsToActionIds.put(roleId, actionIds);
214 }
215
216 ResourcePermissionServiceUtil.setIndividualResourcePermissions(
217 resourceGroupId, themeDisplay.getCompanyId(), selResource,
218 resourcePrimKey, roleIdsToActionIds);
219 }
220
221 if (PropsValues.PERMISSIONS_PROPAGATION_ENABLED) {
222 Portlet portlet = PortletLocalServiceUtil.getPortletById(
223 themeDisplay.getCompanyId(), portletResource);
224
225 PermissionPropagator permissionPropagator =
226 portlet.getPermissionPropagatorInstance();
227
228 if (permissionPropagator != null) {
229 permissionPropagator.propagateRolePermissions(
230 actionRequest, modelResource, resourcePrimKey, roleIds);
231 }
232 }
233 }
234
235 }