001
014
015 package com.liferay.portal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020 import com.liferay.portal.kernel.util.StringUtil;
021 import com.liferay.portal.model.Group;
022 import com.liferay.portal.model.Layout;
023 import com.liferay.portal.model.LayoutTypePortlet;
024 import com.liferay.portal.model.Portlet;
025 import com.liferay.portal.model.PortletConstants;
026 import com.liferay.portal.model.impl.VirtualLayout;
027 import com.liferay.portal.security.auth.PrincipalException;
028 import com.liferay.portal.security.permission.ActionKeys;
029 import com.liferay.portal.security.permission.PermissionChecker;
030 import com.liferay.portal.security.permission.ResourceActionsUtil;
031 import com.liferay.portal.service.GroupLocalServiceUtil;
032 import com.liferay.portal.service.LayoutLocalServiceUtil;
033 import com.liferay.portal.service.PortletLocalServiceUtil;
034 import com.liferay.portal.util.PortletCategoryKeys;
035 import com.liferay.portlet.ControlPanelEntry;
036 import com.liferay.portlet.exportimport.staging.permission.StagingPermissionUtil;
037 import com.liferay.portlet.sites.util.SitesUtil;
038
039 import java.util.Collection;
040 import java.util.List;
041
042 import javax.portlet.PortletMode;
043
044
048 public class PortletPermissionImpl implements PortletPermission {
049
050 @Override
051 public void check(
052 PermissionChecker permissionChecker, Layout layout,
053 String portletId, String actionId)
054 throws PortalException {
055
056 if (!contains(
057 permissionChecker, 0, layout, portletId, actionId,
058 _STRICT_DEFAULT)) {
059
060 throw new PrincipalException.MustHavePermission(
061 permissionChecker, Portlet.class.getName(), portletId,
062 actionId);
063 }
064 }
065
066 @Override
067 public void check(
068 PermissionChecker permissionChecker, Layout layout,
069 String portletId, String actionId, boolean strict)
070 throws PortalException {
071
072 if (!contains(
073 permissionChecker, 0, layout, portletId, actionId, strict)) {
074
075 throw new PrincipalException.MustHavePermission(
076 permissionChecker, Portlet.class.getName(), portletId,
077 actionId);
078 }
079 }
080
081 @Override
082 public void check(
083 PermissionChecker permissionChecker, long groupId, Layout layout,
084 String portletId, String actionId)
085 throws PortalException {
086
087 if (!contains(
088 permissionChecker, groupId, layout, portletId, actionId,
089 _STRICT_DEFAULT)) {
090
091 throw new PrincipalException.MustHavePermission(
092 permissionChecker, Portlet.class.getName(), portletId,
093 actionId);
094 }
095 }
096
097 @Override
098 public void check(
099 PermissionChecker permissionChecker, long groupId, Layout layout,
100 String portletId, String actionId, boolean strict)
101 throws PortalException {
102
103 check(
104 permissionChecker, groupId, layout, portletId, actionId, strict,
105 _CHECK_STAGING_PERMISSION_DEFAULT);
106 }
107
108 @Override
109 public void check(
110 PermissionChecker permissionChecker, long groupId, Layout layout,
111 String portletId, String actionId, boolean strict,
112 boolean checkStagingPermission)
113 throws PortalException {
114
115 if (!contains(
116 permissionChecker, groupId, layout, portletId, actionId, strict,
117 checkStagingPermission)) {
118
119 throw new PrincipalException.MustHavePermission(
120 permissionChecker, Portlet.class.getName(), portletId,
121 actionId);
122 }
123 }
124
125 @Override
126 public void check(
127 PermissionChecker permissionChecker, long groupId, long plid,
128 String portletId, String actionId)
129 throws PortalException {
130
131 check(
132 permissionChecker, groupId, plid, portletId, actionId,
133 _STRICT_DEFAULT);
134 }
135
136 @Override
137 public void check(
138 PermissionChecker permissionChecker, long groupId, long plid,
139 String portletId, String actionId, boolean strict)
140 throws PortalException {
141
142 if (!contains(
143 permissionChecker, groupId, plid, portletId, actionId,
144 strict)) {
145
146 throw new PrincipalException.MustHavePermission(
147 permissionChecker, Portlet.class.getName(), portletId,
148 actionId);
149 }
150 }
151
152 @Override
153 public void check(
154 PermissionChecker permissionChecker, long plid, String portletId,
155 String actionId)
156 throws PortalException {
157
158 check(permissionChecker, plid, portletId, actionId, _STRICT_DEFAULT);
159 }
160
161 @Override
162 public void check(
163 PermissionChecker permissionChecker, long plid, String portletId,
164 String actionId, boolean strict)
165 throws PortalException {
166
167 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
168 throw new PrincipalException.MustHavePermission(
169 permissionChecker, Portlet.class.getName(), portletId,
170 actionId);
171 }
172 }
173
174 @Override
175 public void check(
176 PermissionChecker permissionChecker, String portletId,
177 String actionId)
178 throws PortalException {
179
180 if (!contains(permissionChecker, portletId, actionId)) {
181 throw new PrincipalException.MustHavePermission(
182 permissionChecker, Portlet.class.getName(), portletId,
183 actionId);
184 }
185 }
186
187 @Override
188 public boolean contains(
189 PermissionChecker permissionChecker, Layout layout, Portlet portlet,
190 String actionId)
191 throws PortalException {
192
193 return contains(
194 permissionChecker, layout, portlet, actionId, _STRICT_DEFAULT);
195 }
196
197 @Override
198 public boolean contains(
199 PermissionChecker permissionChecker, Layout layout, Portlet portlet,
200 String actionId, boolean strict)
201 throws PortalException {
202
203 return contains(
204 permissionChecker, 0, layout, portlet, actionId, strict);
205 }
206
207 @Override
208 public boolean contains(
209 PermissionChecker permissionChecker, Layout layout,
210 String portletId, String actionId)
211 throws PortalException {
212
213 return contains(
214 permissionChecker, layout, portletId, actionId, _STRICT_DEFAULT);
215 }
216
217 @Override
218 public boolean contains(
219 PermissionChecker permissionChecker, Layout layout,
220 String portletId, String actionId, boolean strict)
221 throws PortalException {
222
223 return contains(
224 permissionChecker, 0, layout, portletId, actionId, strict);
225 }
226
227 @Override
228 public boolean contains(
229 PermissionChecker permissionChecker, long groupId, Layout layout,
230 Portlet portlet, String actionId)
231 throws PortalException {
232
233 return contains(
234 permissionChecker, groupId, layout, portlet, actionId,
235 _STRICT_DEFAULT);
236 }
237
238 @Override
239 public boolean contains(
240 PermissionChecker permissionChecker, long groupId, Layout layout,
241 Portlet portlet, String actionId, boolean strict)
242 throws PortalException {
243
244 if (portlet.isUndeployedPortlet()) {
245 return false;
246 }
247
248 return contains(
249 permissionChecker, groupId, layout, portlet.getPortletId(),
250 actionId, strict);
251 }
252
253 @Override
254 public boolean contains(
255 PermissionChecker permissionChecker, long groupId, Layout layout,
256 String portletId, String actionId)
257 throws PortalException {
258
259 return contains(
260 permissionChecker, groupId, layout, portletId, actionId,
261 _STRICT_DEFAULT);
262 }
263
264 @Override
265 public boolean contains(
266 PermissionChecker permissionChecker, long groupId, Layout layout,
267 String portletId, String actionId, boolean strict)
268 throws PortalException {
269
270 return contains(
271 permissionChecker, groupId, layout, portletId, actionId, strict,
272 _CHECK_STAGING_PERMISSION_DEFAULT);
273 }
274
275 @Override
276 public boolean contains(
277 PermissionChecker permissionChecker, long groupId, Layout layout,
278 String portletId, String actionId, boolean strict,
279 boolean checkStagingPermission)
280 throws PortalException {
281
282 String name = null;
283 String primKey = null;
284
285 if (layout == null) {
286 name = portletId;
287 primKey = portletId;
288
289 return permissionChecker.hasPermission(
290 groupId, name, primKey, actionId);
291 }
292
293 if (!actionId.equals(ActionKeys.VIEW) && !layout.isTypeControlPanel() &&
294 (layout instanceof VirtualLayout)) {
295
296 return hasCustomizePermission(
297 permissionChecker, layout, portletId, actionId);
298 }
299
300 Group group = layout.getGroup();
301
302 if (!group.isLayoutSetPrototype() && !layout.isTypeControlPanel() &&
303 actionId.equals(ActionKeys.CONFIGURATION) &&
304 !SitesUtil.isLayoutUpdateable(layout)) {
305
306 return false;
307 }
308
309 groupId = layout.getGroupId();
310
311 name = PortletConstants.getRootPortletId(portletId);
312
313 if (checkStagingPermission) {
314 Boolean hasPermission = StagingPermissionUtil.hasPermission(
315 permissionChecker, groupId, name, groupId, name, actionId);
316
317 if (hasPermission != null) {
318 return hasPermission.booleanValue();
319 }
320 }
321
322 if (group.isControlPanel() && actionId.equals(ActionKeys.VIEW)) {
323 return true;
324 }
325
326 primKey = getPrimaryKey(layout.getPlid(), portletId);
327
328 if (strict) {
329 return permissionChecker.hasPermission(
330 groupId, name, primKey, actionId);
331 }
332
333 if (hasConfigurePermission(
334 permissionChecker, layout, portletId, actionId) ||
335 hasCustomizePermission(
336 permissionChecker, layout, portletId, actionId)) {
337
338 return true;
339 }
340
341 return permissionChecker.hasPermission(
342 groupId, name, primKey, actionId);
343 }
344
345 public boolean contains(
346 PermissionChecker permissionChecker, long groupId, long plid,
347 Portlet portlet, String actionId)
348 throws PortalException {
349
350 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
351
352 return contains(
353 permissionChecker, groupId, layout, portlet, actionId,
354 _STRICT_DEFAULT);
355 }
356
357 @Override
358 public boolean contains(
359 PermissionChecker permissionChecker, long groupId, long plid,
360 Portlet portlet, String actionId, boolean strict)
361 throws PortalException {
362
363 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
364
365 return contains(
366 permissionChecker, groupId, layout, portlet, actionId, strict);
367 }
368
369 public boolean contains(
370 PermissionChecker permissionChecker, long groupId, long plid,
371 String portletId, String actionId)
372 throws PortalException {
373
374 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
375
376 return contains(
377 permissionChecker, groupId, layout, portletId, actionId,
378 _STRICT_DEFAULT);
379 }
380
381 @Override
382 public boolean contains(
383 PermissionChecker permissionChecker, long groupId, long plid,
384 String portletId, String actionId, boolean strict)
385 throws PortalException {
386
387 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
388
389 return contains(
390 permissionChecker, groupId, layout, portletId, actionId, strict);
391 }
392
393 @Override
394 public boolean contains(
395 PermissionChecker permissionChecker, long plid, Portlet portlet,
396 String actionId)
397 throws PortalException {
398
399 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
400
401 return contains(
402 permissionChecker, layout, portlet, actionId, _STRICT_DEFAULT);
403 }
404
405 @Override
406 public boolean contains(
407 PermissionChecker permissionChecker, long plid, Portlet portlet,
408 String actionId, boolean strict)
409 throws PortalException {
410
411 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
412
413 return contains(
414 permissionChecker, 0, layout, portlet, actionId, strict);
415 }
416
417 @Override
418 public boolean contains(
419 PermissionChecker permissionChecker, long plid, String portletId,
420 String actionId)
421 throws PortalException {
422
423 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
424
425 return contains(
426 permissionChecker, layout, portletId, actionId, _STRICT_DEFAULT);
427 }
428
429 @Override
430 public boolean contains(
431 PermissionChecker permissionChecker, long plid, String portletId,
432 String actionId, boolean strict)
433 throws PortalException {
434
435 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
436
437 return contains(
438 permissionChecker, 0, layout, portletId, actionId, strict);
439 }
440
441 @Override
442 public boolean contains(
443 PermissionChecker permissionChecker, String portletId,
444 String actionId)
445 throws PortalException {
446
447 return contains(permissionChecker, 0, portletId, actionId);
448 }
449
450 @Override
451 public String getPrimaryKey(long plid, String portletId) {
452 return String.valueOf(plid).concat(
453 PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
454 }
455
456 @Override
457 public boolean hasAccessPermission(
458 PermissionChecker permissionChecker, long scopeGroupId,
459 Layout layout, Portlet portlet, PortletMode portletMode)
460 throws PortalException {
461
462 if ((layout != null) && layout.isTypeControlPanel()) {
463 String category = portlet.getControlPanelEntryCategory();
464
465 if (StringUtil.startsWith(
466 category, PortletCategoryKeys.SITE_ADMINISTRATION)) {
467
468 layout = null;
469 }
470 }
471
472 boolean access = contains(
473 permissionChecker, scopeGroupId, layout, portlet, ActionKeys.VIEW);
474
475 if (access && portletMode.equals(PortletMode.EDIT)) {
476 access = contains(
477 permissionChecker, scopeGroupId, layout, portlet,
478 ActionKeys.PREFERENCES);
479 }
480
481 return access;
482 }
483
484 @Override
485 public boolean hasConfigurationPermission(
486 PermissionChecker permissionChecker, long groupId, Layout layout,
487 String actionId)
488 throws PortalException {
489
490 LayoutTypePortlet layoutTypePortlet =
491 (LayoutTypePortlet)layout.getLayoutType();
492
493 for (Portlet portlet : layoutTypePortlet.getAllPortlets(false)) {
494 if (contains(
495 permissionChecker, groupId, layout, portlet.getPortletId(),
496 actionId)) {
497
498 return true;
499 }
500
501 if (contains(
502 permissionChecker, groupId, null,
503 portlet.getRootPortletId(), actionId)) {
504
505 return true;
506 }
507 }
508
509 return false;
510 }
511
512 @Override
513 public boolean hasControlPanelAccessPermission(
514 PermissionChecker permissionChecker, long groupId,
515 Collection<Portlet> portlets)
516 throws PortalException {
517
518 for (Portlet portlet : portlets) {
519 if (hasControlPanelAccessPermission(
520 permissionChecker, groupId, portlet)) {
521
522 return true;
523 }
524 }
525
526 return false;
527 }
528
529 @Override
530 public boolean hasControlPanelAccessPermission(
531 PermissionChecker permissionChecker, long scopeGroupId,
532 Portlet portlet)
533 throws PortalException {
534
535 Group group = GroupLocalServiceUtil.getGroup(scopeGroupId);
536
537 ControlPanelEntry controlPanelEntry =
538 portlet.getControlPanelEntryInstance();
539
540 try {
541 return controlPanelEntry.hasAccessPermission(
542 permissionChecker, group, portlet);
543 }
544 catch (Exception e) {
545 if (_log.isWarnEnabled()) {
546 _log.warn("Cannot process control panel access permission", e);
547 }
548
549 return false;
550 }
551 }
552
553 @Override
554 public boolean hasControlPanelAccessPermission(
555 PermissionChecker permissionChecker, long scopeGroupId,
556 String portletId)
557 throws PortalException {
558
559 Portlet portlet = PortletLocalServiceUtil.getPortletById(portletId);
560
561 return hasControlPanelAccessPermission(
562 permissionChecker, scopeGroupId, portlet);
563 }
564
565 @Override
566 public boolean hasLayoutManagerPermission(
567 String portletId, String actionId) {
568
569 try {
570 portletId = PortletConstants.getRootPortletId(portletId);
571
572 List<String> layoutManagerActions =
573 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
574 portletId);
575
576 return layoutManagerActions.contains(actionId);
577 }
578 catch (Exception e) {
579 _log.error(e, e);
580
581 return false;
582 }
583 }
584
585 protected boolean hasConfigurePermission(
586 PermissionChecker permissionChecker, Layout layout,
587 String portletId, String actionId)
588 throws PortalException {
589
590 if (!actionId.equals(ActionKeys.CONFIGURATION) &&
591 !actionId.equals(ActionKeys.PREFERENCES) &&
592 !actionId.equals(ActionKeys.GUEST_PREFERENCES)) {
593
594 return false;
595 }
596
597 Portlet portlet = PortletLocalServiceUtil.getPortletById(
598 layout.getCompanyId(), portletId);
599
600 if (portlet.isPreferencesUniquePerLayout()) {
601 return LayoutPermissionUtil.contains(
602 permissionChecker, layout, ActionKeys.CONFIGURE_PORTLETS);
603 }
604
605 return GroupPermissionUtil.contains(
606 permissionChecker, layout.getGroupId(),
607 ActionKeys.CONFIGURE_PORTLETS);
608 }
609
610 protected boolean hasCustomizePermission(
611 PermissionChecker permissionChecker, Layout layout,
612 String portletId, String actionId)
613 throws PortalException {
614
615 LayoutTypePortlet layoutTypePortlet =
616 (LayoutTypePortlet)layout.getLayoutType();
617
618 if (layoutTypePortlet.isCustomizedView() &&
619 layoutTypePortlet.isPortletCustomizable(portletId) &&
620 LayoutPermissionUtil.contains(
621 permissionChecker, layout, ActionKeys.CUSTOMIZE)) {
622
623 if (actionId.equals(ActionKeys.VIEW)) {
624 return true;
625 }
626 else if (actionId.equals(ActionKeys.CONFIGURATION)) {
627 Portlet portlet = PortletLocalServiceUtil.getPortletById(
628 layout.getCompanyId(), portletId);
629
630 if (portlet.isInstanceable() ||
631 portlet.isPreferencesUniquePerLayout()) {
632
633 return true;
634 }
635 }
636 }
637
638 return false;
639 }
640
641 private static final boolean _CHECK_STAGING_PERMISSION_DEFAULT = true;
642
643 private static final boolean _STRICT_DEFAULT = false;
644
645 private static final Log _log = LogFactoryUtil.getLog(
646 PortletPermissionImpl.class);
647
648 }