015 package com.liferay.portal.model.impl;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.portlet.PortletModeFactory;
019 import com.liferay.portal.kernel.util.ArrayUtil;
020 import com.liferay.portal.kernel.util.GetterUtil;
021 import com.liferay.portal.kernel.util.PropsKeys;
022 import com.liferay.portal.kernel.util.PropsUtil;
023 import com.liferay.portal.kernel.util.StringUtil;
024 import com.liferay.portal.kernel.util.Validator;
025 import com.liferay.portal.kernel.util.WebKeys;
026 import com.liferay.portal.model.Layout;
027 import com.liferay.portal.model.LayoutTypeAccessPolicy;
028 import com.liferay.portal.model.LayoutTypePortlet;
029 import com.liferay.portal.model.Portlet;
030 import com.liferay.portal.security.auth.AuthTokenUtil;
031 import com.liferay.portal.security.auth.PrincipalException;
032 import com.liferay.portal.security.permission.ActionKeys;
033 import com.liferay.portal.security.permission.PermissionChecker;
034 import com.liferay.portal.security.permission.PermissionThreadLocal;
035 import com.liferay.portal.service.permission.LayoutPermissionUtil;
036 import com.liferay.portal.service.permission.PortletPermissionUtil;
037 import com.liferay.portal.theme.ThemeDisplay;
038 import com.liferay.portal.util.PortalUtil;
039
040 import javax.portlet.PortletMode;
041
042 import javax.servlet.http.HttpServletRequest;
043
044
/**
 * Default {@link LayoutTypeAccessPolicy}.
 *
 * <p>
 * Portlet access is decided in two stages: the portlet must first be
 * reachable from the layout (see {@link #isAccessAllowedToLayoutPortlet}) and
 * must then pass the portlet permission check (see
 * {@link #hasAccessPermission}). Layout-level questions (add, customize,
 * delete, update, view) are delegated to {@link LayoutPermissionUtil}.
 * </p>
 */
public class DefaultLayoutTypeAccessPolicyImpl
    implements LayoutTypeAccessPolicy {

    /**
     * Returns the shared policy instance held by this class.
     *
     * @return the single instance created when the class is initialized
     */
    public static LayoutTypeAccessPolicy create() {
        return _instance;
    }

    /**
     * Verifies that the current request may access the portlet on the layout.
     *
     * @param  request the servlet request being processed
     * @param  layout the layout the portlet is being accessed through
     * @param  portlet the portlet being accessed
     * @throws PortalException a
     *         {@code PrincipalException.MustHavePermission} for
     *         {@code ActionKeys.ACCESS} when either stage of the check fails,
     *         or whatever the delegated calls throw
     */
    @Override
    public void checkAccessAllowedToPortlet(
            HttpServletRequest request, Layout layout, Portlet portlet)
        throws PortalException {

        boolean permitted = false;

        if (isAccessAllowedToLayoutPortlet(request, layout, portlet)) {

            // NOTE(review): the default resource is added before the
            // permission check below, so this call also runs for requests
            // that are subsequently denied. Confirm that ordering is
            // intended before changing it.

            PortalUtil.addPortletDefaultResource(request, portlet);

            permitted = hasAccessPermission(request, layout, portlet);
        }

        if (!permitted) {
            throw new PrincipalException.MustHavePermission(
                PortalUtil.getUserId(request), portlet.getDisplayName(),
                portlet.getPortletId(), ActionKeys.ACCESS);
        }
    }

    /**
     * Returns whether the checker holds {@code ActionKeys.ADD_LAYOUT} on the
     * layout.
     */
    @Override
    public boolean isAddLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _hasLayoutPermission(
            permissionChecker, layout, ActionKeys.ADD_LAYOUT);
    }

    /**
     * Returns whether the checker holds {@code ActionKeys.CUSTOMIZE} on the
     * layout.
     */
    @Override
    public boolean isCustomizeLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _hasLayoutPermission(
            permissionChecker, layout, ActionKeys.CUSTOMIZE);
    }

    /**
     * Returns whether the checker holds {@code ActionKeys.DELETE} on the
     * layout.
     */
    @Override
    public boolean isDeleteLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _hasLayoutPermission(
            permissionChecker, layout, ActionKeys.DELETE);
    }

    /**
     * Returns whether the checker holds {@code ActionKeys.UPDATE} on the
     * layout.
     */
    @Override
    public boolean isUpdateLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _hasLayoutPermission(
            permissionChecker, layout, ActionKeys.UPDATE);
    }

    /**
     * Returns whether the checker holds {@code ActionKeys.VIEW} on the
     * layout.
     */
    @Override
    public boolean isViewLayoutAllowed(
            PermissionChecker permissionChecker, Layout layout)
        throws PortalException {

        return _hasLayoutPermission(
            permissionChecker, layout, ActionKeys.VIEW);
    }

    /**
     * Runs the portlet permission check for the portlet mode this request
     * asks for.
     *
     * <p>
     * The mode defaults to {@code PortletMode.VIEW}. The {@code p_p_mode}
     * request parameter is honored only when the {@code p_p_id} request
     * parameter names this portlet; both values are supplied by the client.
     * </p>
     *
     * @param  request the servlet request; must carry a {@link ThemeDisplay}
     *         under {@code WebKeys.THEME_DISPLAY}, which is dereferenced
     *         without a null check
     * @param  layout the layout the portlet is being accessed through
     * @param  portlet the portlet being accessed
     * @return the result of {@code PortletPermissionUtil.hasAccessPermission}
     * @throws PortalException if the delegated permission check throws
     */
    protected boolean hasAccessPermission(
            HttpServletRequest request, Layout layout, Portlet portlet)
        throws PortalException {

        PermissionChecker checker =
            PermissionThreadLocal.getPermissionChecker();

        ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
            WebKeys.THEME_DISPLAY);

        String portletId = portlet.getPortletId();

        boolean targetsThisPortlet = portletId.equals(
            request.getParameter("p_p_id"));

        String requestedMode = request.getParameter("p_p_mode");

        // A mode addressed to some other portlet must not influence the
        // permission check for this one.

        PortletMode effectiveMode = PortletMode.VIEW;

        if (targetsThisPortlet && (requestedMode != null)) {
            effectiveMode = PortletModeFactory.getPortletMode(requestedMode);
        }

        return PortletPermissionUtil.hasAccessPermission(
            checker, themeDisplay.getScopeGroupId(), layout, portlet,
            effectiveMode);
    }

    /**
     * Returns whether the portlet is reachable from the layout at all.
     *
     * <p>
     * Any one of three grants is sufficient, evaluated in this order: the
     * request is flagged as rendering a runtime portlet, the portlet is on the
     * page, or the portlet qualifies through the add-default-resource path.
     * </p>
     *
     * @param  request the servlet request being processed
     * @param  layout the layout the portlet is being accessed through
     * @param  portlet the portlet being accessed
     * @return {@code true} if at least one grant applies
     */
    protected boolean isAccessAllowedToLayoutPortlet(
        HttpServletRequest request, Layout layout, Portlet portlet) {

        return isAccessGrantedByRuntimePortlet(request) ||
            isAccessGrantedByPortletOnPage(layout, portlet) ||
            isAccessGrantedByPortletAuthenticationToken(
                request, layout, portlet);
    }

    /**
     * Returns whether a portlet that is not on the page may still be invoked
     * through the add-default-resource path.
     *
     * <p>
     * Only portlets with {@code isAddDefaultResource()} qualify. When the
     * {@code PropsKeys.PORTLET_ADD_DEFAULT_RESOURCE_CHECK_ENABLED} property is
     * off, such a portlet is granted without any token validation; when it is
     * on, the request must carry a valid portlet invocation token.
     * </p>
     *
     * @param  request the servlet request being processed
     * @param  layout the layout the portlet is being accessed through
     * @param  portlet the portlet being accessed
     * @return {@code true} if this grant applies
     */
    protected boolean isAccessGrantedByPortletAuthenticationToken(
        HttpServletRequest request, Layout layout, Portlet portlet) {

        if (portlet.isAddDefaultResource()) {

            // With the check disabled this stage is fail-open for every
            // add-default-resource portlet.

            return !_PORTLET_ADD_DEFAULT_RESOURCE_CHECK_ENABLED ||
                AuthTokenUtil.isValidPortletInvocationToken(
                    request, layout, portlet);
        }

        return false;
    }

    /**
     * Returns whether the portlet is placed on the layout, either as one of a
     * panel layout's selected portlets or as a portlet ID known to the
     * layout type.
     *
     * @param  layout the layout to inspect
     * @param  portlet the portlet being accessed
     * @return {@code true} if the layout contains the portlet
     */
    protected boolean isAccessGrantedByPortletOnPage(
        Layout layout, Portlet portlet) {

        String portletId = portlet.getPortletId();

        boolean selectedOnPanel =
            layout.isTypePanel() && isPanelSelectedPortlet(layout, portletId);

        if (selectedOnPanel) {
            return true;
        }

        // The cast is unchecked: a layout type that is not a
        // LayoutTypePortlet raises ClassCastException here.

        LayoutTypePortlet portletLayoutType =
            (LayoutTypePortlet)layout.getLayoutType();

        return (portletLayoutType != null) &&
            portletLayoutType.hasPortletId(portletId);
    }

    /**
     * Returns the value of the {@code WebKeys.RENDER_PORTLET_RESOURCE}
     * request attribute, treating a missing attribute as {@code false}.
     *
     * <p>
     * NOTE(review): this is a request attribute rather than a request
     * parameter, so it is presumably set only by server-side code; confirm
     * that no code path copies a client-supplied value into it.
     * </p>
     *
     * @param  request the servlet request being processed
     * @return {@code true} only if the attribute is present and {@code true}
     */
    protected boolean isAccessGrantedByRuntimePortlet(
        HttpServletRequest request) {

        Boolean runtimeFlag = (Boolean)request.getAttribute(
            WebKeys.RENDER_PORTLET_RESOURCE);

        return (runtimeFlag != null) && runtimeFlag.booleanValue();
    }

    /**
     * Returns whether the portlet ID is listed in the layout's
     * {@code panelSelectedPortlets} type setting.
     *
     * @param  layout the layout whose type settings are read
     * @param  portletId the portlet ID to look for
     * @return {@code true} if the setting is non-empty and contains the ID
     */
    protected boolean isPanelSelectedPortlet(Layout layout, String portletId) {
        String selectedPortletIds = layout.getTypeSettingsProperty(
            "panelSelectedPortlets");

        if (!Validator.isNotNull(selectedPortletIds)) {
            return false;
        }

        return ArrayUtil.contains(
            StringUtil.split(selectedPortletIds), portletId);
    }

    /**
     * Shared delegation for the layout-level checks: asks
     * {@link LayoutPermissionUtil} whether the checker holds the action on the
     * layout.
     */
    private boolean _hasLayoutPermission(
            PermissionChecker permissionChecker, Layout layout,
            String actionId)
        throws PortalException {

        return LayoutPermissionUtil.contains(
            permissionChecker, layout, actionId);
    }

    // Read once at class initialization; a later change to the property is
    // not picked up by this class.

    private static final boolean _PORTLET_ADD_DEFAULT_RESOURCE_CHECK_ENABLED =
        GetterUtil.getBoolean(
            PropsUtil.get(
                PropsKeys.PORTLET_ADD_DEFAULT_RESOURCE_CHECK_ENABLED));

    private static final LayoutTypeAccessPolicy _instance =
        new DefaultLayoutTypeAccessPolicyImpl();

}