001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.permission;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.util.SetUtil;
019    import com.liferay.portal.kernel.util.WebKeys;
020    import com.liferay.portal.model.ResourceConstants;
021    import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
022    import com.liferay.portal.service.ResourcePermissionServiceUtil;
023    import com.liferay.portal.theme.ThemeDisplay;
024    
025    import java.util.ArrayList;
026    import java.util.HashSet;
027    import java.util.List;
028    import java.util.Set;
029    
030    import javax.portlet.ActionRequest;
031    
032    /**
033     * @author Hugo Huijser
034     */
035    public abstract class BasePermissionPropagator implements PermissionPropagator {
036    
037            protected Set<String> getActionIds(String className) {
038                    List<String> actionIds = ResourceActionsUtil.getModelResourceActions(
039                            className);
040    
041                    return SetUtil.fromCollection(actionIds);
042            }
043    
044            protected Set<String> getAvailableActionIds(
045                            long companyId, String className, long primKey, long roleId,
046                            Set<String> actionIds)
047                    throws PortalException {
048    
049                    List<String> availableActionIds =
050                            ResourcePermissionLocalServiceUtil.
051                                    getAvailableResourcePermissionActionIds(
052                                            companyId, className, ResourceConstants.SCOPE_INDIVIDUAL,
053                                            String.valueOf(primKey), roleId, actionIds);
054    
055                    return SetUtil.fromCollection(availableActionIds);
056            }
057    
058            protected void propagateRolePermissions(
059                            ActionRequest actionRequest, long roleId, String parentClassName,
060                            long parentPrimKey, String childClassName, long childPrimKey)
061                    throws PortalException {
062    
063                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
064                            WebKeys.THEME_DISPLAY);
065    
066                    Set<String> parentActionIds = getActionIds(parentClassName);
067                    Set<String> childActionIds = getActionIds(childClassName);
068    
069                    Set<String> parentAndChildCommonActionIds = new HashSet<>();
070    
071                    for (String actionId : childActionIds) {
072                            if (parentActionIds.contains(actionId)) {
073                                    parentAndChildCommonActionIds.add(actionId);
074                            }
075                    }
076    
077                    Set<String> parentAvailableActionIds = getAvailableActionIds(
078                            themeDisplay.getCompanyId(), parentClassName, parentPrimKey, roleId,
079                            parentActionIds);
080                    Set<String> childAvailableActionIds = getAvailableActionIds(
081                            themeDisplay.getCompanyId(), childClassName, childPrimKey, roleId,
082                            childActionIds);
083    
084                    List<String> actionIds = new ArrayList<>();
085    
086                    for (String actionId : parentAndChildCommonActionIds) {
087                            if (parentAvailableActionIds.contains(actionId)) {
088                                    actionIds.add(actionId);
089                            }
090                    }
091    
092                    for (String actionId : childAvailableActionIds) {
093                            if (!parentAndChildCommonActionIds.contains(actionId)) {
094                                    actionIds.add(actionId);
095                            }
096                    }
097    
098                    ResourcePermissionServiceUtil.setIndividualResourcePermissions(
099                            themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(),
100                            childClassName, String.valueOf(childPrimKey), roleId,
101                            actionIds.toArray(new String[actionIds.size()]));
102            }
103    
104    }