001
014
015 package com.liferay.portal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.log.Log;
020 import com.liferay.portal.kernel.log.LogFactoryUtil;
021 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
022 import com.liferay.portal.kernel.util.StringUtil;
023 import com.liferay.portal.model.Group;
024 import com.liferay.portal.model.Layout;
025 import com.liferay.portal.model.LayoutTypePortlet;
026 import com.liferay.portal.model.Portlet;
027 import com.liferay.portal.model.PortletConstants;
028 import com.liferay.portal.model.impl.VirtualLayout;
029 import com.liferay.portal.security.auth.PrincipalException;
030 import com.liferay.portal.security.permission.ActionKeys;
031 import com.liferay.portal.security.permission.PermissionChecker;
032 import com.liferay.portal.security.permission.ResourceActionsUtil;
033 import com.liferay.portal.service.GroupLocalServiceUtil;
034 import com.liferay.portal.service.LayoutLocalServiceUtil;
035 import com.liferay.portal.service.PortletLocalServiceUtil;
036 import com.liferay.portal.util.PortletCategoryKeys;
037 import com.liferay.portal.util.PropsValues;
038 import com.liferay.portlet.ControlPanelEntry;
039 import com.liferay.portlet.sites.util.SitesUtil;
040
041 import java.util.Collection;
042 import java.util.List;
043
044 import javax.portlet.PortletMode;
045
046
050 public class PortletPermissionImpl implements PortletPermission {
051
052 public static final boolean DEFAULT_STRICT = false;
053
054 @Override
055 public void check(
056 PermissionChecker permissionChecker, Layout layout,
057 String portletId, String actionId)
058 throws PortalException, SystemException {
059
060 if (!contains(
061 permissionChecker, 0, layout, portletId, actionId,
062 DEFAULT_STRICT)) {
063
064 throw new PrincipalException();
065 }
066 }
067
068 @Override
069 public void check(
070 PermissionChecker permissionChecker, Layout layout,
071 String portletId, String actionId, boolean strict)
072 throws PortalException, SystemException {
073
074 if (!contains(
075 permissionChecker, 0, layout, portletId, actionId, strict)) {
076
077 throw new PrincipalException();
078 }
079 }
080
081 @Override
082 public void check(
083 PermissionChecker permissionChecker, long groupId, Layout layout,
084 String portletId, String actionId)
085 throws PortalException, SystemException {
086
087 if (!contains(
088 permissionChecker, groupId, layout, portletId, actionId,
089 DEFAULT_STRICT)) {
090
091 throw new PrincipalException();
092 }
093 }
094
095 @Override
096 public void check(
097 PermissionChecker permissionChecker, long groupId, Layout layout,
098 String portletId, String actionId, boolean strict)
099 throws PortalException, SystemException {
100
101 if (!contains(
102 permissionChecker, groupId, layout, portletId, actionId,
103 strict)) {
104
105 throw new PrincipalException();
106 }
107 }
108
109 @Override
110 public void check(
111 PermissionChecker permissionChecker, long groupId, long plid,
112 String portletId, String actionId)
113 throws PortalException, SystemException {
114
115 check(
116 permissionChecker, groupId, plid, portletId, actionId,
117 DEFAULT_STRICT);
118 }
119
120 @Override
121 public void check(
122 PermissionChecker permissionChecker, long groupId, long plid,
123 String portletId, String actionId, boolean strict)
124 throws PortalException, SystemException {
125
126 if (!contains(
127 permissionChecker, groupId, plid, portletId, actionId,
128 strict)) {
129
130 throw new PrincipalException();
131 }
132 }
133
134 @Override
135 public void check(
136 PermissionChecker permissionChecker, long plid, String portletId,
137 String actionId)
138 throws PortalException, SystemException {
139
140 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
141 }
142
143 @Override
144 public void check(
145 PermissionChecker permissionChecker, long plid, String portletId,
146 String actionId, boolean strict)
147 throws PortalException, SystemException {
148
149 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
150 throw new PrincipalException();
151 }
152 }
153
154 @Override
155 public void check(
156 PermissionChecker permissionChecker, String portletId,
157 String actionId)
158 throws PortalException, SystemException {
159
160 if (!contains(permissionChecker, portletId, actionId)) {
161 throw new PrincipalException();
162 }
163 }
164
165 @Override
166 public boolean contains(
167 PermissionChecker permissionChecker, Layout layout, Portlet portlet,
168 String actionId)
169 throws PortalException, SystemException {
170
171 return contains(
172 permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
173 }
174
175 @Override
176 public boolean contains(
177 PermissionChecker permissionChecker, Layout layout, Portlet portlet,
178 String actionId, boolean strict)
179 throws PortalException, SystemException {
180
181 return contains(
182 permissionChecker, 0, layout, portlet, actionId, strict);
183 }
184
185 @Override
186 public boolean contains(
187 PermissionChecker permissionChecker, Layout layout,
188 String portletId, String actionId)
189 throws PortalException, SystemException {
190
191 return contains(
192 permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
193 }
194
195 @Override
196 public boolean contains(
197 PermissionChecker permissionChecker, Layout layout,
198 String portletId, String actionId, boolean strict)
199 throws PortalException, SystemException {
200
201 return contains(
202 permissionChecker, 0, layout, portletId, actionId, strict);
203 }
204
205 @Override
206 public boolean contains(
207 PermissionChecker permissionChecker, long groupId, Layout layout,
208 Portlet portlet, String actionId)
209 throws PortalException, SystemException {
210
211 return contains(
212 permissionChecker, groupId, layout, portlet, actionId,
213 DEFAULT_STRICT);
214 }
215
216 @Override
217 public boolean contains(
218 PermissionChecker permissionChecker, long groupId, Layout layout,
219 Portlet portlet, String actionId, boolean strict)
220 throws PortalException, SystemException {
221
222 if (portlet.isUndeployedPortlet()) {
223 return false;
224 }
225
226 return contains(
227 permissionChecker, groupId, layout, portlet.getPortletId(),
228 actionId, strict);
229 }
230
231 @Override
232 public boolean contains(
233 PermissionChecker permissionChecker, long groupId, Layout layout,
234 String portletId, String actionId)
235 throws PortalException, SystemException {
236
237 return contains(
238 permissionChecker, groupId, layout, portletId, actionId,
239 DEFAULT_STRICT);
240 }
241
242 @Override
243 public boolean contains(
244 PermissionChecker permissionChecker, long groupId, Layout layout,
245 String portletId, String actionId, boolean strict)
246 throws PortalException, SystemException {
247
248 String name = null;
249 String primKey = null;
250
251 if (layout == null) {
252 name = portletId;
253 primKey = portletId;
254
255 return permissionChecker.hasPermission(
256 groupId, name, primKey, actionId);
257 }
258
259 Group group = layout.getGroup();
260
261 groupId = group.getGroupId();
262
263 name = PortletConstants.getRootPortletId(portletId);
264 primKey = getPrimaryKey(layout.getPlid(), portletId);
265
266 if (!actionId.equals(ActionKeys.VIEW) &&
267 (layout instanceof VirtualLayout)) {
268
269 return hasCustomizePermission(
270 permissionChecker, layout, portletId, actionId);
271 }
272
273 if (!group.isLayoutSetPrototype() &&
274 !SitesUtil.isLayoutUpdateable(layout) &&
275 actionId.equals(ActionKeys.CONFIGURATION)) {
276
277 return false;
278 }
279
280 Boolean hasPermission = StagingPermissionUtil.hasPermission(
281 permissionChecker, groupId, name, groupId, name, actionId);
282
283 if (hasPermission != null) {
284 return hasPermission.booleanValue();
285 }
286
287 if (group.isControlPanel() && actionId.equals(ActionKeys.VIEW)) {
288 return true;
289 }
290
291 if (strict) {
292 return permissionChecker.hasPermission(
293 groupId, name, primKey, actionId);
294 }
295
296 if (hasConfigurePermission(
297 permissionChecker, layout, portletId, actionId) ||
298 hasCustomizePermission(
299 permissionChecker, layout, portletId, actionId)) {
300
301 return true;
302 }
303
304 return permissionChecker.hasPermission(
305 groupId, name, primKey, actionId);
306 }
307
308 public boolean contains(
309 PermissionChecker permissionChecker, long groupId, long plid,
310 Portlet portlet, String actionId)
311 throws PortalException, SystemException {
312
313 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
314
315 return contains(
316 permissionChecker, groupId, layout, portlet, actionId,
317 DEFAULT_STRICT);
318 }
319
320 @Override
321 public boolean contains(
322 PermissionChecker permissionChecker, long groupId, long plid,
323 Portlet portlet, String actionId, boolean strict)
324 throws PortalException, SystemException {
325
326 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
327
328 return contains(
329 permissionChecker, groupId, layout, portlet, actionId, strict);
330 }
331
332 public boolean contains(
333 PermissionChecker permissionChecker, long groupId, long plid,
334 String portletId, String actionId)
335 throws PortalException, SystemException {
336
337 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
338
339 return contains(
340 permissionChecker, groupId, layout, portletId, actionId,
341 DEFAULT_STRICT);
342 }
343
344 @Override
345 public boolean contains(
346 PermissionChecker permissionChecker, long groupId, long plid,
347 String portletId, String actionId, boolean strict)
348 throws PortalException, SystemException {
349
350 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
351
352 return contains(
353 permissionChecker, groupId, layout, portletId, actionId, strict);
354 }
355
356 @Override
357 public boolean contains(
358 PermissionChecker permissionChecker, long plid, Portlet portlet,
359 String actionId)
360 throws PortalException, SystemException {
361
362 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
363
364 return contains(
365 permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
366 }
367
368 @Override
369 public boolean contains(
370 PermissionChecker permissionChecker, long plid, Portlet portlet,
371 String actionId, boolean strict)
372 throws PortalException, SystemException {
373
374 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
375
376 return contains(
377 permissionChecker, 0, layout, portlet, actionId, strict);
378 }
379
380 @Override
381 public boolean contains(
382 PermissionChecker permissionChecker, long plid, String portletId,
383 String actionId)
384 throws PortalException, SystemException {
385
386 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
387
388 return contains(
389 permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
390 }
391
392 @Override
393 public boolean contains(
394 PermissionChecker permissionChecker, long plid, String portletId,
395 String actionId, boolean strict)
396 throws PortalException, SystemException {
397
398 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
399
400 return contains(
401 permissionChecker, 0, layout, portletId, actionId, strict);
402 }
403
404 @Override
405 public boolean contains(
406 PermissionChecker permissionChecker, String portletId,
407 String actionId)
408 throws PortalException, SystemException {
409
410 return contains(permissionChecker, 0, portletId, actionId);
411 }
412
413 @Override
414 public String getPrimaryKey(long plid, String portletId) {
415 return String.valueOf(plid).concat(
416 PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
417 }
418
419 @Override
420 public boolean hasAccessPermission(
421 PermissionChecker permissionChecker, long scopeGroupId,
422 Layout layout, Portlet portlet, PortletMode portletMode)
423 throws PortalException, SystemException {
424
425 if ((layout != null) && layout.isTypeControlPanel()) {
426 String category = portlet.getControlPanelEntryCategory();
427
428 if (StringUtil.startsWith(
429 category, PortletCategoryKeys.SITE_ADMINISTRATION)) {
430
431 layout = null;
432 }
433 }
434
435 boolean access = contains(
436 permissionChecker, scopeGroupId, layout, portlet, ActionKeys.VIEW);
437
438 if (access && !PropsValues.TCK_URL &&
439 portletMode.equals(PortletMode.EDIT)) {
440
441 access = contains(
442 permissionChecker, scopeGroupId, layout, portlet,
443 ActionKeys.PREFERENCES);
444 }
445
446 return access;
447 }
448
449 @Override
450 public boolean hasConfigurationPermission(
451 PermissionChecker permissionChecker, long groupId, Layout layout,
452 String actionId)
453 throws PortalException, SystemException {
454
455 LayoutTypePortlet layoutTypePortlet =
456 (LayoutTypePortlet)layout.getLayoutType();
457
458 for (Portlet portlet : layoutTypePortlet.getAllPortlets(false)) {
459 if (contains(
460 permissionChecker, groupId, layout, portlet.getPortletId(),
461 actionId)) {
462
463 return true;
464 }
465
466 if (contains(
467 permissionChecker, groupId, null,
468 portlet.getRootPortletId(), actionId)) {
469
470 return true;
471 }
472 }
473
474 return false;
475 }
476
477 @Override
478 public boolean hasControlPanelAccessPermission(
479 PermissionChecker permissionChecker, long groupId,
480 Collection<Portlet> portlets)
481 throws PortalException, SystemException {
482
483 for (Portlet portlet : portlets) {
484 if (hasControlPanelAccessPermission(
485 permissionChecker, groupId, portlet)) {
486
487 return true;
488 }
489 }
490
491 return false;
492 }
493
494 @Override
495 public boolean hasControlPanelAccessPermission(
496 PermissionChecker permissionChecker, long scopeGroupId,
497 Portlet portlet)
498 throws PortalException, SystemException {
499
500 Group group = GroupLocalServiceUtil.getGroup(scopeGroupId);
501
502 ControlPanelEntry controlPanelEntry =
503 portlet.getControlPanelEntryInstance();
504
505 try {
506 return controlPanelEntry.hasAccessPermission(
507 permissionChecker, group, portlet);
508 }
509 catch (Exception e) {
510 _log.warn("Cannot process control panel access permission", e);
511
512 return false;
513 }
514 }
515
516 @Override
517 public boolean hasControlPanelAccessPermission(
518 PermissionChecker permissionChecker, long scopeGroupId,
519 String portletId)
520 throws PortalException, SystemException {
521
522 Portlet portlet = PortletLocalServiceUtil.getPortletById(portletId);
523
524 return hasControlPanelAccessPermission(
525 permissionChecker, scopeGroupId, portlet);
526 }
527
528 @Override
529 public boolean hasLayoutManagerPermission(
530 String portletId, String actionId) {
531
532 try {
533 portletId = PortletConstants.getRootPortletId(portletId);
534
535 List<String> layoutManagerActions =
536 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
537 portletId);
538
539 return layoutManagerActions.contains(actionId);
540 }
541 catch (Exception e) {
542 _log.error(e, e);
543
544 return false;
545 }
546 }
547
548 protected boolean hasConfigurePermission(
549 PermissionChecker permissionChecker, Layout layout,
550 String portletId, String actionId)
551 throws PortalException, SystemException {
552
553 if (!actionId.equals(ActionKeys.CONFIGURATION) &&
554 !actionId.equals(ActionKeys.PREFERENCES) &&
555 !actionId.equals(ActionKeys.GUEST_PREFERENCES)) {
556
557 return false;
558 }
559
560 Portlet portlet = PortletLocalServiceUtil.getPortletById(
561 layout.getCompanyId(), portletId);
562
563 if (portlet.isPreferencesUniquePerLayout()) {
564 return LayoutPermissionUtil.contains(
565 permissionChecker, layout, ActionKeys.CONFIGURE_PORTLETS);
566 }
567
568 return GroupPermissionUtil.contains(
569 permissionChecker, layout.getGroupId(),
570 ActionKeys.CONFIGURE_PORTLETS);
571 }
572
573 protected boolean hasCustomizePermission(
574 PermissionChecker permissionChecker, Layout layout,
575 String portletId, String actionId)
576 throws PortalException, SystemException {
577
578 LayoutTypePortlet layoutTypePortlet =
579 (LayoutTypePortlet)layout.getLayoutType();
580
581 if (layoutTypePortlet.isCustomizedView() &&
582 layoutTypePortlet.isPortletCustomizable(portletId) &&
583 LayoutPermissionUtil.contains(
584 permissionChecker, layout, ActionKeys.CUSTOMIZE)) {
585
586 if (actionId.equals(ActionKeys.VIEW)) {
587 return true;
588 }
589 else if (actionId.equals(ActionKeys.CONFIGURATION)) {
590 Portlet portlet = PortletLocalServiceUtil.getPortletById(
591 layout.getCompanyId(), portletId);
592
593 if (portlet.isPreferencesUniquePerLayout()) {
594 return true;
595 }
596 }
597 }
598
599 return false;
600 }
601
602 private static Log _log = LogFactoryUtil.getLog(
603 PortletPermissionImpl.class);
604
605 }