001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.portletconfiguration.action;
016    
017    import com.liferay.portal.kernel.servlet.SessionErrors;
018    import com.liferay.portal.kernel.util.GetterUtil;
019    import com.liferay.portal.kernel.util.ParamUtil;
020    import com.liferay.portal.kernel.util.StringUtil;
021    import com.liferay.portal.kernel.util.Validator;
022    import com.liferay.portal.model.Layout;
023    import com.liferay.portal.model.Portlet;
024    import com.liferay.portal.model.PortletConstants;
025    import com.liferay.portal.security.auth.PrincipalException;
026    import com.liferay.portal.security.permission.PermissionPropagator;
027    import com.liferay.portal.service.LayoutLocalServiceUtil;
028    import com.liferay.portal.service.PermissionServiceUtil;
029    import com.liferay.portal.service.PortletLocalServiceUtil;
030    import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
031    import com.liferay.portal.service.ResourceBlockServiceUtil;
032    import com.liferay.portal.service.ResourcePermissionServiceUtil;
033    import com.liferay.portal.servlet.filters.cache.CacheUtil;
034    import com.liferay.portal.struts.PortletAction;
035    import com.liferay.portal.theme.ThemeDisplay;
036    import com.liferay.portal.util.PropsValues;
037    import com.liferay.portal.util.WebKeys;
038    
039    import java.util.ArrayList;
040    import java.util.Date;
041    import java.util.Enumeration;
042    import java.util.HashMap;
043    import java.util.List;
044    import java.util.Map;
045    
046    import javax.portlet.ActionRequest;
047    import javax.portlet.ActionResponse;
048    import javax.portlet.PortletConfig;
049    import javax.portlet.RenderRequest;
050    import javax.portlet.RenderResponse;
051    
052    import org.apache.struts.action.ActionForm;
053    import org.apache.struts.action.ActionForward;
054    import org.apache.struts.action.ActionMapping;
055    
056    /**
057     * @author Brian Wing Shun Chan
058     * @author Connor McKay
059     */
060    public class EditPermissionsAction extends PortletAction {
061    
062            @Override
063            public void processAction(
064                            ActionMapping actionMapping, ActionForm actionForm,
065                            PortletConfig portletConfig, ActionRequest actionRequest,
066                            ActionResponse actionResponse)
067                    throws Exception {
068    
069                    try {
070                            ActionUtil.checkPortletConfigurationPermission(actionRequest);
071    
072                            actionRequest = ActionUtil.getWrappedActionRequest(
073                                    actionRequest, null);
074    
075                            updateRolePermissions(actionRequest);
076    
077                            addSuccessMessage(actionRequest, actionResponse);
078                    }
079                    catch (Exception e) {
080                            if (e instanceof PrincipalException) {
081                                    SessionErrors.add(actionRequest, e.getClass());
082    
083                                    setForward(
084                                            actionRequest, "portlet.portlet_configuration.error");
085                            }
086                            else {
087                                    throw e;
088                            }
089                    }
090            }
091    
092            @Override
093            public ActionForward render(
094                            ActionMapping actionMapping, ActionForm actionForm,
095                            PortletConfig portletConfig, RenderRequest renderRequest,
096                            RenderResponse renderResponse)
097                    throws Exception {
098    
099                    try {
100                            ActionUtil.checkPortletConfigurationPermission(renderRequest);
101                    }
102                    catch (PrincipalException pe) {
103                            SessionErrors.add(
104                                    renderRequest, PrincipalException.class.getName());
105    
106                            return actionMapping.findForward(
107                                    "portlet.portlet_configuration.error");
108                    }
109    
110                    renderRequest = ActionUtil.getWrappedRenderRequest(renderRequest, null);
111    
112                    ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
113                            WebKeys.THEME_DISPLAY);
114    
115                    long groupId = ParamUtil.getLong(
116                            renderRequest, "resourceGroupId", themeDisplay.getScopeGroupId());
117    
118                    String portletResource = ParamUtil.getString(
119                            renderRequest, "portletResource");
120                    String modelResource = ParamUtil.getString(
121                            renderRequest, "modelResource");
122                    String resourcePrimKey = ParamUtil.getString(
123                            renderRequest, "resourcePrimKey");
124    
125                    String selResource = portletResource;
126    
127                    if (Validator.isNotNull(modelResource)) {
128                            selResource = modelResource;
129                    }
130    
131                    try {
132                            PermissionServiceUtil.checkPermission(
133                                    groupId, selResource, resourcePrimKey);
134                    }
135                    catch (PrincipalException pe) {
136                            SessionErrors.add(
137                                    renderRequest, PrincipalException.class.getName());
138    
139                            return actionMapping.findForward(
140                                    "portlet.portlet_configuration.error");
141                    }
142    
143                    Portlet portlet = PortletLocalServiceUtil.getPortletById(
144                            themeDisplay.getCompanyId(), portletResource);
145    
146                    if (portlet != null) {
147                            renderResponse.setTitle(
148                                    ActionUtil.getTitle(portlet, renderRequest));
149                    }
150    
151                    return actionMapping.findForward(
152                            getForward(
153                                    renderRequest,
154                                    "portlet.portlet_configuration.edit_permissions"));
155            }
156    
157            protected String[] getActionIds(
158                    ActionRequest actionRequest, long roleId, boolean includePreselected) {
159    
160                    List<String> actionIds = getActionIdsList(
161                            actionRequest, roleId, includePreselected);
162    
163                    return actionIds.toArray(new String[actionIds.size()]);
164            }
165    
166            protected List<String> getActionIdsList(
167                    ActionRequest actionRequest, long roleId, boolean includePreselected) {
168    
169                    List<String> actionIds = new ArrayList<String>();
170    
171                    Enumeration<String> enu = actionRequest.getParameterNames();
172    
173                    while (enu.hasMoreElements()) {
174                            String name = enu.nextElement();
175    
176                            if (name.startsWith(roleId + ActionUtil.ACTION)) {
177                                    int pos = name.indexOf(ActionUtil.ACTION);
178    
179                                    String actionId = name.substring(
180                                            pos + ActionUtil.ACTION.length());
181    
182                                    actionIds.add(actionId);
183                            }
184                            else if (includePreselected &&
185                                             name.startsWith(roleId + ActionUtil.PRESELECTED)) {
186    
187                                    int pos = name.indexOf(ActionUtil.PRESELECTED);
188    
189                                    String actionId = name.substring(
190                                            pos + ActionUtil.PRESELECTED.length());
191    
192                                    actionIds.add(actionId);
193                            }
194                    }
195    
196                    return actionIds;
197            }
198    
199            protected void updateRolePermissions(ActionRequest actionRequest)
200                    throws Exception {
201    
202                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
203                            WebKeys.THEME_DISPLAY);
204    
205                    String portletResource = ParamUtil.getString(
206                            actionRequest, "portletResource");
207                    String modelResource = ParamUtil.getString(
208                            actionRequest, "modelResource");
209                    long[] roleIds = StringUtil.split(
210                            ParamUtil.getString(
211                                    actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
212    
213                    String selResource = PortletConstants.getRootPortletId(portletResource);
214    
215                    if (Validator.isNotNull(modelResource)) {
216                            selResource = modelResource;
217                    }
218    
219                    long resourceGroupId = ParamUtil.getLong(
220                            actionRequest, "resourceGroupId", themeDisplay.getScopeGroupId());
221                    String resourcePrimKey = ParamUtil.getString(
222                            actionRequest, "resourcePrimKey");
223    
224                    Map<Long, String[]> roleIdsToActionIds = new HashMap<Long, String[]>();
225    
226                    if (ResourceBlockLocalServiceUtil.isSupported(selResource)) {
227                            for (long roleId : roleIds) {
228                                    List<String> actionIds = getActionIdsList(
229                                            actionRequest, roleId, true);
230    
231                                    roleIdsToActionIds.put(
232                                            roleId, actionIds.toArray(new String[actionIds.size()]));
233                            }
234    
235                            ResourceBlockServiceUtil.setIndividualScopePermissions(
236                                    themeDisplay.getCompanyId(), resourceGroupId, selResource,
237                                    GetterUtil.getLong(resourcePrimKey), roleIdsToActionIds);
238                    }
239                    else {
240                            for (long roleId : roleIds) {
241                                    String[] actionIds = getActionIds(actionRequest, roleId, false);
242    
243                                    roleIdsToActionIds.put(roleId, actionIds);
244                            }
245    
246                            ResourcePermissionServiceUtil.setIndividualResourcePermissions(
247                                    resourceGroupId, themeDisplay.getCompanyId(), selResource,
248                                    resourcePrimKey, roleIdsToActionIds);
249                    }
250    
251                    int pos = resourcePrimKey.indexOf(PortletConstants.LAYOUT_SEPARATOR);
252    
253                    if (pos != -1) {
254                            long plid = GetterUtil.getLong(resourcePrimKey.substring(0, pos));
255    
256                            Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
257    
258                            if (layout != null) {
259                                    layout.setModifiedDate(new Date());
260    
261                                    LayoutLocalServiceUtil.updateLayout(layout);
262    
263                                    CacheUtil.clearCache(layout.getCompanyId());
264                            }
265                    }
266    
267                    if (PropsValues.PERMISSIONS_PROPAGATION_ENABLED) {
268                            Portlet portlet = PortletLocalServiceUtil.getPortletById(
269                                    themeDisplay.getCompanyId(), portletResource);
270    
271                            PermissionPropagator permissionPropagator =
272                                    portlet.getPermissionPropagatorInstance();
273    
274                            if (permissionPropagator != null) {
275                                    permissionPropagator.propagateRolePermissions(
276                                            actionRequest, modelResource, resourcePrimKey, roleIds);
277                            }
278                    }
279            }
280    
281    }