001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.model.impl;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.portlet.PortletModeFactory;
019    import com.liferay.portal.kernel.util.ArrayUtil;
020    import com.liferay.portal.kernel.util.GetterUtil;
021    import com.liferay.portal.kernel.util.PropsKeys;
022    import com.liferay.portal.kernel.util.PropsUtil;
023    import com.liferay.portal.kernel.util.StringUtil;
024    import com.liferay.portal.kernel.util.Validator;
025    import com.liferay.portal.kernel.util.WebKeys;
026    import com.liferay.portal.model.Layout;
027    import com.liferay.portal.model.LayoutTypeAccessPolicy;
028    import com.liferay.portal.model.LayoutTypePortlet;
029    import com.liferay.portal.model.Portlet;
030    import com.liferay.portal.security.auth.AuthTokenUtil;
031    import com.liferay.portal.security.auth.PrincipalException;
032    import com.liferay.portal.security.permission.ActionKeys;
033    import com.liferay.portal.security.permission.PermissionChecker;
034    import com.liferay.portal.security.permission.PermissionThreadLocal;
035    import com.liferay.portal.service.permission.LayoutPermissionUtil;
036    import com.liferay.portal.service.permission.PortletPermissionUtil;
037    import com.liferay.portal.theme.ThemeDisplay;
038    import com.liferay.portal.util.PortalUtil;
039    
040    import javax.portlet.PortletMode;
041    
042    import javax.servlet.http.HttpServletRequest;
043    
/**
 * Default {@link LayoutTypeAccessPolicy}: decides whether a portlet may be
 * invoked on a layout and whether the usual layout actions (add, customize,
 * delete, update, view) are permitted.
 *
 * <p>
 * Portlet access is a two-stage decision. The request must first reach the
 * portlet through an accepted route: a runtime-portlet render, a portlet
 * placed on the page, or the add-default-resource token path. The permission
 * check then has to pass as well. Layout actions are delegated to
 * {@link LayoutPermissionUtil}.
 * </p>
 *
 * @author Adolfo Pérez
 */
public class DefaultLayoutTypeAccessPolicyImpl
    implements LayoutTypeAccessPolicy {

    /**
     * Returns the shared policy instance; no new object is created per call.
     *
     * @return the singleton held in {@code _instance}
     */
    public static LayoutTypeAccessPolicy create() {
        return _instance;
    }

    /**
     * Rejects the request unless the portlet is reachable from this layout
     * and the permission check passes.
     *
     * <p>
     * The portlet's default resource is added before the permission check,
     * and only when the reachability check has already succeeded.
     * </p>
     *
     * @param  request the current servlet request
     * @param  layout the layout the portlet is being invoked on
     * @param  portlet the portlet being invoked
     * @throws PortalException a
     *         {@link PrincipalException.MustHavePermission} when either
     *         stage fails, or whatever the delegated checks throw
     */
    @Override
    public void checkAccessAllowedToPortlet(
            HttpServletRequest request, Layout layout, Portlet portlet)
        throws PortalException {

        boolean permitted = false;

        if (isAccessAllowedToLayoutPortlet(request, layout, portlet)) {

            // Only reached for portlets that passed the reachability check.

            PortalUtil.addPortletDefaultResource(request, portlet);

            permitted = hasAccessPermission(request, layout, portlet);
        }

        if (!permitted) {

            // Both failure modes surface as the same exception, so the
            // caller cannot tell which stage rejected the request.

            throw new PrincipalException.MustHavePermission(
                PortalUtil.getUserId(request), portlet.getDisplayName(),
                portlet.getPortletId(), ActionKeys.ACCESS);
        }
    }

    /**
     * Tells whether {@link ActionKeys#ADD_LAYOUT} is granted on the layout.
     *
     * @param  permissionChecker the checker for the acting user
     * @param  layout the layout being checked
     * @return the result of {@link LayoutPermissionUtil}'s check
     * @throws PortalException if the delegated check fails
     */
    @Override
    public boolean isAddLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _hasLayoutPermission(
            permissionChecker, layout, ActionKeys.ADD_LAYOUT);
    }

    /**
     * Tells whether {@link ActionKeys#CUSTOMIZE} is granted on the layout.
     *
     * @param  permissionChecker the checker for the acting user
     * @param  layout the layout being checked
     * @return the result of {@link LayoutPermissionUtil}'s check
     * @throws PortalException if the delegated check fails
     */
    @Override
    public boolean isCustomizeLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _hasLayoutPermission(
            permissionChecker, layout, ActionKeys.CUSTOMIZE);
    }

    /**
     * Tells whether {@link ActionKeys#DELETE} is granted on the layout.
     *
     * @param  permissionChecker the checker for the acting user
     * @param  layout the layout being checked
     * @return the result of {@link LayoutPermissionUtil}'s check
     * @throws PortalException if the delegated check fails
     */
    @Override
    public boolean isDeleteLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _hasLayoutPermission(
            permissionChecker, layout, ActionKeys.DELETE);
    }

    /**
     * Tells whether {@link ActionKeys#UPDATE} is granted on the layout.
     *
     * @param  permissionChecker the checker for the acting user
     * @param  layout the layout being checked
     * @return the result of {@link LayoutPermissionUtil}'s check
     * @throws PortalException if the delegated check fails
     */
    @Override
    public boolean isUpdateLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _hasLayoutPermission(
            permissionChecker, layout, ActionKeys.UPDATE);
    }

    /**
     * Tells whether {@link ActionKeys#VIEW} is granted on the layout.
     *
     * @param  permissionChecker the checker for the acting user
     * @param  layout the layout being checked
     * @return the result of {@link LayoutPermissionUtil}'s check
     * @throws PortalException if the delegated check fails
     */
    @Override
    public boolean isViewLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _hasLayoutPermission(
            permissionChecker, layout, ActionKeys.VIEW);
    }

    /**
     * Runs the portlet permission check for the thread's permission checker
     * in the scope group of the request's theme display.
     *
     * <p>
     * The portlet mode defaults to {@link PortletMode#VIEW}. The
     * {@code p_p_mode} request parameter is honoured only when the
     * {@code p_p_id} parameter names this very portlet; both values are
     * request parameters, i.e. supplied by the client.
     * </p>
     *
     * @param  request the current servlet request
     * @param  layout the layout the portlet is being invoked on
     * @param  portlet the portlet being invoked
     * @return the result of
     *         {@link PortletPermissionUtil}'s {@code hasAccessPermission}
     * @throws PortalException if the delegated check fails
     */
    protected boolean hasAccessPermission(
            HttpServletRequest request, Layout layout, Portlet portlet)
        throws PortalException {

        PermissionChecker permissionChecker =
            PermissionThreadLocal.getPermissionChecker();

        // NOTE(review): no null check follows; presumably the attribute is
        // always set before this policy runs -- confirm, otherwise the
        // getScopeGroupId() call below fails with a NullPointerException
        // instead of a clean denial.

        ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
            WebKeys.THEME_DISPLAY);

        String portletId = portlet.getPortletId();
        String requestedPortletId = request.getParameter("p_p_id");
        String requestedMode = request.getParameter("p_p_mode");

        // A mode aimed at a different portlet on the same request must not
        // influence the check for this one.

        PortletMode portletMode =
            (portletId.equals(requestedPortletId) && (requestedMode != null))
                ? PortletModeFactory.getPortletMode(requestedMode)
                : PortletMode.VIEW;

        long scopeGroupId = themeDisplay.getScopeGroupId();

        return PortletPermissionUtil.hasAccessPermission(
            permissionChecker, scopeGroupId, layout, portlet, portletMode);
    }

    /**
     * Tells whether the request reaches the portlet through any accepted
     * route. The routes are tried in a fixed order and evaluation stops at
     * the first one that grants access: runtime portlet, portlet on the
     * page, portlet authentication token.
     *
     * @param  request the current servlet request
     * @param  layout the layout the portlet is being invoked on
     * @param  portlet the portlet being invoked
     * @return {@code true} if at least one route grants access
     */
    protected boolean isAccessAllowedToLayoutPortlet(
        HttpServletRequest request, Layout layout, Portlet portlet) {

        return isAccessGrantedByRuntimePortlet(request) ||
            isAccessGrantedByPortletOnPage(layout, portlet) ||
            isAccessGrantedByPortletAuthenticationToken(
                request, layout, portlet);
    }

    /**
     * Tells whether a portlet flagged as add-default-resource may be reached
     * without being placed on the page.
     *
     * <p>
     * Portlets without that flag are never granted by this route. When the
     * property behind
     * {@link PropsKeys#PORTLET_ADD_DEFAULT_RESOURCE_CHECK_ENABLED} reads as
     * {@code false}, every flagged portlet is granted without any token
     * validation; deployments that rely on the token as a request-forgery
     * control should keep the check enabled.
     * </p>
     *
     * @param  request the current servlet request
     * @param  layout the layout the portlet is being invoked on
     * @param  portlet the portlet being invoked
     * @return {@code true} if this route grants access
     */
    protected boolean isAccessGrantedByPortletAuthenticationToken(
        HttpServletRequest request, Layout layout, Portlet portlet) {

        return portlet.isAddDefaultResource() &&
            (!_PORTLET_ADD_DEFAULT_RESOURCE_CHECK_ENABLED ||
                AuthTokenUtil.isValidPortletInvocationToken(
                    request, layout, portlet));
    }

    /**
     * Tells whether the portlet belongs to the layout: either the layout is
     * a panel that lists it among its selected portlets, or the layout type
     * reports the portlet id as present.
     *
     * @param  layout the layout the portlet is being invoked on
     * @param  portlet the portlet being invoked
     * @return {@code true} if the portlet is on the page
     */
    protected boolean isAccessGrantedByPortletOnPage(
        Layout layout, Portlet portlet) {

        String portletId = portlet.getPortletId();

        if (layout.isTypePanel() && isPanelSelectedPortlet(layout, portletId)) {
            return true;
        }

        // NOTE(review): unchecked downcast; presumably every layout type is
        // a LayoutTypePortlet -- confirm, a different type would raise
        // ClassCastException here.

        LayoutTypePortlet layoutTypePortlet =
            (LayoutTypePortlet)layout.getLayoutType();

        return (layoutTypePortlet != null) &&
            layoutTypePortlet.hasPortletId(portletId);
    }

    /**
     * Tells whether the request is marked as rendering a runtime portlet.
     *
     * <p>
     * The marker is read from a request attribute, not from a request
     * parameter, so it is whatever server-side code stored on the request.
     * An absent attribute counts as {@code false}.
     * </p>
     *
     * @param  request the current servlet request
     * @return the value of the {@link WebKeys#RENDER_PORTLET_RESOURCE}
     *         attribute, or {@code false} if it is not set
     */
    protected boolean isAccessGrantedByRuntimePortlet(
        HttpServletRequest request) {

        Boolean renderPortletResource = (Boolean)request.getAttribute(
            WebKeys.RENDER_PORTLET_RESOURCE);

        return (renderPortletResource != null) &&
            renderPortletResource.booleanValue();
    }

    /**
     * Tells whether the portlet id appears in the layout's
     * {@code panelSelectedPortlets} type setting, which is split into
     * entries with {@link StringUtil#split(String)}.
     *
     * @param  layout the layout whose type settings are read
     * @param  portletId the portlet id to look for
     * @return {@code true} if the setting is present and contains the id
     */
    protected boolean isPanelSelectedPortlet(Layout layout, String portletId) {
        String selectedPortlets = layout.getTypeSettingsProperty(
            "panelSelectedPortlets");

        if (Validator.isNull(selectedPortlets)) {
            return false;
        }

        return ArrayUtil.contains(
            StringUtil.split(selectedPortlets), portletId);
    }

    /**
     * Single delegation point for the layout action checks above.
     */
    private static boolean _hasLayoutPermission(
            PermissionChecker permissionChecker, Layout layout,
            String actionId)
        throws PortalException {

        return LayoutPermissionUtil.contains(
            permissionChecker, layout, actionId);
    }

    // Read once at class initialization; a later change of the property is
    // not picked up by this class.
    // NOTE(review): an unset property presumably parses as false, which
    // turns the token validation off -- confirm the shipped default.

    private static final boolean _PORTLET_ADD_DEFAULT_RESOURCE_CHECK_ENABLED =
        GetterUtil.getBoolean(
            PropsUtil.get(
                PropsKeys.PORTLET_ADD_DEFAULT_RESOURCE_CHECK_ENABLED));

    private static final LayoutTypeAccessPolicy _instance =
        new DefaultLayoutTypeAccessPolicyImpl();

}