015 package com.liferay.portal.model.impl;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.portlet.PortletModeFactory;
019 import com.liferay.portal.kernel.util.ArrayUtil;
020 import com.liferay.portal.kernel.util.GetterUtil;
021 import com.liferay.portal.kernel.util.ParamUtil;
022 import com.liferay.portal.kernel.util.PropsKeys;
023 import com.liferay.portal.kernel.util.PropsUtil;
024 import com.liferay.portal.kernel.util.StringUtil;
025 import com.liferay.portal.kernel.util.Validator;
026 import com.liferay.portal.kernel.util.WebKeys;
027 import com.liferay.portal.model.Layout;
028 import com.liferay.portal.model.LayoutTypeAccessPolicy;
029 import com.liferay.portal.model.LayoutTypePortlet;
030 import com.liferay.portal.model.Portlet;
031 import com.liferay.portal.security.auth.AuthTokenUtil;
032 import com.liferay.portal.security.auth.PrincipalException;
033 import com.liferay.portal.security.permission.ActionKeys;
034 import com.liferay.portal.security.permission.PermissionChecker;
035 import com.liferay.portal.security.permission.PermissionThreadLocal;
036 import com.liferay.portal.service.permission.LayoutPermissionUtil;
037 import com.liferay.portal.service.permission.PortletPermissionUtil;
038 import com.liferay.portal.theme.ThemeDisplay;
039 import com.liferay.portal.util.PortalUtil;
040
041 import javax.portlet.PortletMode;
042
043 import javax.servlet.http.HttpServletRequest;
044
045
/**
 * Default {@link LayoutTypeAccessPolicy}. Layout-level actions are decided by
 * {@code LayoutPermissionUtil}; portlet access is decided in two stages (see
 * {@link #checkAccessAllowedToPortlet}): first a gate that asks whether the
 * portlet may be addressed on this layout at all, then the portlet permission
 * check itself.
 *
 * <p>
 * A single shared instance is handed out by {@link #create()}; the class
 * declares no instance fields.
 * </p>
 */
public class DefaultLayoutTypeAccessPolicyImpl
    implements LayoutTypeAccessPolicy {

    /**
     * Returns the shared policy instance.
     *
     * @return the singleton held in {@code _instance}
     */
    public static LayoutTypeAccessPolicy create() {
        return _instance;
    }

    /**
     * Verifies that the current request may access {@code portlet} on
     * {@code layout}, returning normally only when both stages pass.
     *
     * @param  request the current servlet request
     * @param  layout the layout the portlet is being addressed on
     * @param  portlet the portlet being accessed
     * @throws PortalException a {@code PrincipalException.MustHavePermission}
     *         for {@code ActionKeys.ACCESS} when either the layout gate or
     *         the permission check denies access; other portal exceptions
     *         may propagate from the helpers
     */
    @Override
    public void checkAccessAllowedToPortlet(
            HttpServletRequest request, Layout layout, Portlet portlet)
        throws PortalException {

        boolean granted = false;

        if (isAccessAllowedToLayoutPortlet(request, layout, portlet)) {

            // Statement order is deliberate: the default resource is added
            // only after the layout gate has passed and before the permission
            // check runs. Do not hoist this call above the gate.

            PortalUtil.addPortletDefaultResource(request, portlet);

            granted = hasAccessPermission(request, layout, portlet);
        }

        if (!granted) {

            // Fail closed: every path that did not explicitly grant access
            // ends here.

            throw new PrincipalException.MustHavePermission(
                PortalUtil.getUserId(request), portlet.getDisplayName(),
                portlet.getPortletId(), ActionKeys.ACCESS);
        }
    }

    /**
     * Returns whether the checker holds {@code ActionKeys.ADD_LAYOUT} on the
     * layout.
     */
    @Override
    public boolean isAddLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _containsLayoutAction(
            permissionChecker, layout, ActionKeys.ADD_LAYOUT);
    }

    /**
     * Returns whether the checker holds {@code ActionKeys.CUSTOMIZE} on the
     * layout.
     */
    @Override
    public boolean isCustomizeLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _containsLayoutAction(
            permissionChecker, layout, ActionKeys.CUSTOMIZE);
    }

    /**
     * Returns whether the checker holds {@code ActionKeys.DELETE} on the
     * layout.
     */
    @Override
    public boolean isDeleteLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _containsLayoutAction(
            permissionChecker, layout, ActionKeys.DELETE);
    }

    /**
     * Returns whether the checker holds {@code ActionKeys.UPDATE} on the
     * layout.
     */
    @Override
    public boolean isUpdateLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _containsLayoutAction(
            permissionChecker, layout, ActionKeys.UPDATE);
    }

    /**
     * Returns whether the checker holds {@code ActionKeys.VIEW} on the
     * layout.
     */
    @Override
    public boolean isViewLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _containsLayoutAction(
            permissionChecker, layout, ActionKeys.VIEW);
    }

    /**
     * Runs the portlet permission check for the effective portlet mode.
     *
     * <p>
     * The mode defaults to {@code PortletMode.VIEW}. The client-supplied
     * {@code p_p_mode} parameter is honoured only when {@code p_p_id} equals
     * this portlet's ID, so a request addressed to another portlet cannot
     * select the mode this portlet is checked against. The decision itself is
     * delegated to {@code PortletPermissionUtil.hasAccessPermission}.
     * </p>
     *
     * @param  request the current servlet request
     * @param  layout the layout the portlet is being addressed on
     * @param  portlet the portlet being accessed
     * @return whatever {@code PortletPermissionUtil.hasAccessPermission}
     *         returns for the thread's permission checker
     */
    protected boolean hasAccessPermission(
            HttpServletRequest request, Layout layout, Portlet portlet)
        throws PortalException {

        PermissionChecker checker =
            PermissionThreadLocal.getPermissionChecker();

        // NOTE(review): the THEME_DISPLAY attribute is not null-checked; if it
        // is absent the getScopeGroupId() call below throws a
        // NullPointerException. Presumably callers always set it -- confirm.

        ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
            WebKeys.THEME_DISPLAY);

        String portletId = portlet.getPortletId();
        String requestedPortletId = request.getParameter("p_p_id");
        String requestedMode = request.getParameter("p_p_mode");

        boolean modeAddressedToPortlet =
            portletId.equals(requestedPortletId) && (requestedMode != null);

        PortletMode effectiveMode =
            modeAddressedToPortlet
                ? PortletModeFactory.getPortletMode(requestedMode)
                : PortletMode.VIEW;

        return PortletPermissionUtil.hasAccessPermission(
            checker, themeDisplay.getScopeGroupId(), layout, portlet,
            effectiveMode);
    }

    /**
     * Layout gate: returns {@code true} as soon as one of the three grants
     * applies, evaluated in this order -- runtime portlet, portlet present on
     * the page, valid portlet authentication token.
     *
     * <p>
     * Passing this gate does not grant access by itself;
     * {@link #checkAccessAllowedToPortlet} still requires
     * {@link #hasAccessPermission} to succeed.
     * </p>
     */
    protected boolean isAccessAllowedToLayoutPortlet(
        HttpServletRequest request, Layout layout, Portlet portlet) {

        return isAccessGrantedByRuntimePortlet(request) ||
               isAccessGrantedByPortletOnPage(layout, portlet) ||
               isAccessGrantedByPortletAuthenticationToken(
                   request, layout, portlet);
    }

    /**
     * Returns whether a portlet that is not placed on the layout may still be
     * addressed because it is an "add default resource" portlet and the
     * request carries a valid {@code p_p_auth} token.
     *
     * <p>
     * Security-relevant behaviour visible here:
     * </p>
     *
     * <ul>
     * <li>
     * Portlets for which {@code isAddDefaultResource()} is {@code false} are
     * never granted by this method.
     * </li>
     * <li>
     * When the {@code PORTLET_ADD_DEFAULT_RESOURCE_CHECK_ENABLED} property is
     * {@code false}, the token is not validated at all and every "add default
     * resource" portlet passes this gate. The value is read once into a
     * static final field, so a changed property is not picked up by an
     * already-initialized class.
     * </li>
     * <li>
     * The token is taken from the current request and, if empty there, from
     * the original servlet request.
     * </li>
     * </ul>
     */
    protected boolean isAccessGrantedByPortletAuthenticationToken(
        HttpServletRequest request, Layout layout, Portlet portlet) {

        String portletId = portlet.getPortletId();

        if (!portlet.isAddDefaultResource()) {
            return false;
        }

        if (!_PORTLET_ADD_DEFAULT_RESOURCE_CHECK_ENABLED) {

            // Token validation is switched off by configuration.

            return true;
        }

        // Prefer the portlet-namespaced parameter; fall back to the bare one.

        String strutsAction = ParamUtil.getString(
            request,
            PortalUtil.getPortletNamespace(portletId) + "struts_action");

        if (Validator.isNull(strutsAction)) {
            strutsAction = ParamUtil.getString(request, "struts_action");
        }

        String token = ParamUtil.getString(request, "p_p_auth");

        if (Validator.isNull(token)) {
            token = ParamUtil.getString(
                PortalUtil.getOriginalServletRequest(request), "p_p_auth");
        }

        return AuthTokenUtil.isValidPortletInvocationToken(
            request, layout.getPlid(), portletId, strutsAction, token);
    }

    /**
     * Returns whether the portlet is part of the layout: either the layout is
     * a panel whose {@code panelSelectedPortlets} setting lists the portlet,
     * or the layout type reports the portlet ID via {@code hasPortletId}.
     */
    protected boolean isAccessGrantedByPortletOnPage(
        Layout layout, Portlet portlet) {

        String portletId = portlet.getPortletId();

        if (layout.isTypePanel() && isPanelSelectedPortlet(layout, portletId)) {
            return true;
        }

        // Unchecked downcast: a layout type that is not a LayoutTypePortlet
        // would raise ClassCastException here.

        LayoutTypePortlet portletLayoutType =
            (LayoutTypePortlet)layout.getLayoutType();

        return (portletLayoutType != null) &&
               portletLayoutType.hasPortletId(portletId);
    }

    /**
     * Returns the value of the {@code WebKeys.RENDER_PORTLET_RESOURCE} request
     * attribute, or {@code false} when it is not set.
     *
     * <p>
     * This is a request attribute, not a request parameter, so it is set by
     * server-side code rather than read from client input. Any component that
     * sets it to {@code true} opens the layout gate for the portlet being
     * checked on that request.
     * </p>
     */
    protected boolean isAccessGrantedByRuntimePortlet(
        HttpServletRequest request) {

        Boolean renderFlag = (Boolean)request.getAttribute(
            WebKeys.RENDER_PORTLET_RESOURCE);

        return (renderFlag != null) && renderFlag;
    }

    /**
     * Returns whether {@code portletId} appears in the layout's
     * {@code panelSelectedPortlets} type setting, split with
     * {@code StringUtil.split}. An empty or missing setting yields
     * {@code false}.
     */
    protected boolean isPanelSelectedPortlet(Layout layout, String portletId) {
        String selectedPortlets = layout.getTypeSettingsProperty(
            "panelSelectedPortlets");

        return Validator.isNotNull(selectedPortlets) &&
               ArrayUtil.contains(
                   StringUtil.split(selectedPortlets), portletId);
    }

    /**
     * Shared delegate for the {@code is*LayoutAllowed} methods: asks
     * {@code LayoutPermissionUtil} whether the checker holds the action on the
     * layout.
     */
    private boolean _containsLayoutAction(
            PermissionChecker permissionChecker, Layout layout,
            String actionId)
        throws PortalException {

        return LayoutPermissionUtil.contains(
            permissionChecker, layout, actionId);
    }

    // Read once at class initialization; when false, the p_p_auth token check
    // in isAccessGrantedByPortletAuthenticationToken is bypassed.

    private static final boolean _PORTLET_ADD_DEFAULT_RESOURCE_CHECK_ENABLED =
        GetterUtil.getBoolean(
            PropsUtil.get(
                PropsKeys.PORTLET_ADD_DEFAULT_RESOURCE_CHECK_ENABLED));

    private static final LayoutTypeAccessPolicy _instance =
        new DefaultLayoutTypeAccessPolicyImpl();

}