001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.kernel.util.StringPool;
020    import com.liferay.portal.model.Group;
021    import com.liferay.portal.model.LayoutConstants;
022    import com.liferay.portal.model.Portlet;
023    import com.liferay.portal.security.permission.ActionKeys;
024    import com.liferay.portal.security.permission.PermissionChecker;
025    import com.liferay.portal.security.permission.ResourceActionsUtil;
026    import com.liferay.portal.service.permission.PortletPermissionUtil;
027    import com.liferay.portal.theme.ThemeDisplay;
028    import com.liferay.portal.util.PortletCategoryKeys;
029    
030    import java.util.List;
031    
032    /**
033     * @author Jorge Ferrer
034     */
035    public abstract class BaseControlPanelEntry implements ControlPanelEntry {
036    
037            public boolean hasAccessPermission(
038                            PermissionChecker permissionChecker, Group group, Portlet portlet)
039                    throws Exception {
040    
041                    if (hasAccessPermissionDenied(permissionChecker, group, portlet)) {
042                            return false;
043                    }
044    
045                    if (hasAccessPermissionExplicitlyGranted(
046                                    permissionChecker, group, portlet)) {
047    
048                            return true;
049                    }
050    
051                    return hasPermissionImplicitlyGranted(
052                            permissionChecker, group, portlet);
053            }
054    
055            /**
056             * @deprecated As of 6.2, with no direct replacement.<p>This method was
057             *             originally defined to determine if a portlet should be
058             *             displayed in the Control Panel. In this version, this method
059             *             should always return <code>false</code> and remains only to
060             *             preserve binary compatibility. This method will be
061             *             permanently removed in a future version.</p><p>In lieu of
062             *             this method, the Control Panel now uses {@link
063             *             #hasAccessPermission} to determine if a portlet should be
064             *             displayed in the Control Panel.</p>
065             */
066            public boolean isVisible(
067                            PermissionChecker permissionChecker, Portlet portlet)
068                    throws Exception {
069    
070                    return false;
071            }
072    
073            /**
074             * @deprecated As of 6.2, with no direct replacement.<p>This method was
075             *             originally defined to determine if a portlet should be
076             *             displayed in the Control Panel. In this version, this method
077             *             should always return <code>false</code> and remains only to
078             *             preserve binary compatibility. This method will be
079             *             permanently removed in a future version.</p><p>In lieu of
080             *             this method, the Control Panel now uses {@link
081             *             #hasAccessPermission} to determine if a portlet should be
082             *             displayed in the Control Panel.</p>
083             */
084            public boolean isVisible(
085                            Portlet portlet, String category, ThemeDisplay themeDisplay)
086                    throws Exception {
087    
088                    return false;
089            }
090    
091            protected long getDefaultPlid(Group group, String category) {
092                    long plid = LayoutConstants.DEFAULT_PLID;
093    
094                    if (category.equals(PortletCategoryKeys.CONTENT)) {
095                            plid = group.getDefaultPublicPlid();
096    
097                            if (plid == LayoutConstants.DEFAULT_PLID) {
098                                    plid = group.getDefaultPrivatePlid();
099                            }
100                    }
101    
102                    return plid;
103            }
104    
105            protected boolean hasAccessPermissionDenied(
106                            PermissionChecker permissionChecker, Group group, Portlet portlet)
107                    throws Exception {
108    
109                    return false;
110            }
111    
112            protected boolean hasAccessPermissionExplicitlyGranted(
113                            PermissionChecker permissionChecker, Group group, Portlet portlet)
114                    throws PortalException, SystemException {
115    
116                    if (permissionChecker.isCompanyAdmin()) {
117                            return true;
118                    }
119    
120                    String category = portlet.getControlPanelEntryCategory();
121    
122                    if (category == null) {
123                            category = StringPool.BLANK;
124                    }
125    
126                    if (category.equals(PortletCategoryKeys.CONTENT)) {
127                            if (group.isLayout() && !portlet.isScopeable()) {
128                                    return false;
129                            }
130    
131                            if (permissionChecker.isGroupAdmin(group.getGroupId()) &&
132                                    !group.isUser()) {
133    
134                                    return true;
135                            }
136                    }
137    
138                    long groupId = group.getGroupId();
139    
140                    if (category.equals(PortletCategoryKeys.PORTAL) ||
141                            category.equals(PortletCategoryKeys.SERVER)) {
142    
143                            groupId = 0;
144                    }
145    
146                    List<String> actions = ResourceActionsUtil.getResourceActions(
147                            portlet.getPortletId());
148    
149                    if (actions.contains(ActionKeys.ACCESS_IN_CONTROL_PANEL) &&
150                            PortletPermissionUtil.contains(
151                                    permissionChecker, groupId, getDefaultPlid(group, category),
152                                    portlet.getPortletId(), ActionKeys.ACCESS_IN_CONTROL_PANEL,
153                                    true)) {
154    
155                            return true;
156                    }
157    
158                    return false;
159            }
160    
161            protected boolean hasPermissionImplicitlyGranted(
162                            PermissionChecker permissionChecker, Group group, Portlet portlet)
163                    throws Exception {
164    
165                    return false;
166            }
167    
168    }