001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.ResourceActionsException;
018 import com.liferay.portal.exception.NoSuchRoleException;
019 import com.liferay.portal.kernel.bean.BeanPropertiesUtil;
020 import com.liferay.portal.kernel.exception.PortalException;
021 import com.liferay.portal.kernel.log.Log;
022 import com.liferay.portal.kernel.log.LogFactoryUtil;
023 import com.liferay.portal.kernel.search.IndexWriterHelperUtil;
024 import com.liferay.portal.kernel.util.GetterUtil;
025 import com.liferay.portal.kernel.util.ListUtil;
026 import com.liferay.portal.model.AuditedModel;
027 import com.liferay.portal.model.GroupedModel;
028 import com.liferay.portal.model.PermissionedModel;
029 import com.liferay.portal.model.Resource;
030 import com.liferay.portal.model.ResourceConstants;
031 import com.liferay.portal.model.ResourcePermission;
032 import com.liferay.portal.model.Role;
033 import com.liferay.portal.model.RoleConstants;
034 import com.liferay.portal.model.impl.ResourceImpl;
035 import com.liferay.portal.security.permission.PermissionCacheUtil;
036 import com.liferay.portal.security.permission.PermissionThreadLocal;
037 import com.liferay.portal.security.permission.ResourceActionsUtil;
038 import com.liferay.portal.service.ServiceContext;
039 import com.liferay.portal.service.base.ResourceLocalServiceBaseImpl;
040 import com.liferay.portal.service.permission.ModelPermissions;
041 import com.liferay.portal.service.permission.ModelPermissionsFactory;
042 import com.liferay.portal.util.ResourcePermissionsThreadLocal;
043
044 import java.util.Arrays;
045 import java.util.Iterator;
046 import java.util.List;
047
048 import org.apache.commons.lang.time.StopWatch;
049
050
102 public class ResourceLocalServiceImpl extends ResourceLocalServiceBaseImpl {
103
104
146 @Override
147 public void addModelResources(
148 AuditedModel auditedModel, ServiceContext serviceContext)
149 throws PortalException {
150
151 ModelPermissions modelPermissions =
152 serviceContext.getModelPermissions();
153
154 if ((modelPermissions != null) && !modelPermissions.isEmpty()) {
155 addModelResources(
156 auditedModel.getCompanyId(), getGroupId(auditedModel),
157 auditedModel.getUserId(), auditedModel.getModelClassName(),
158 String.valueOf(auditedModel.getPrimaryKeyObj()),
159 modelPermissions, getPermissionedModel(auditedModel));
160 }
161 else if (serviceContext.isAddGroupPermissions() ||
162 serviceContext.isAddGuestPermissions()) {
163
164 addResources(
165 auditedModel.getCompanyId(), getGroupId(auditedModel),
166 auditedModel.getUserId(), auditedModel.getModelClassName(),
167 String.valueOf(auditedModel.getPrimaryKeyObj()), false,
168 serviceContext.isAddGroupPermissions(),
169 serviceContext.isAddGuestPermissions(),
170 getPermissionedModel(auditedModel));
171 }
172 else {
173 if (serviceContext.isDeriveDefaultPermissions()) {
174 serviceContext.deriveDefaultPermissions(
175 getGroupId(auditedModel), auditedModel.getModelClassName());
176 }
177
178 addModelResources(
179 auditedModel.getCompanyId(), getGroupId(auditedModel),
180 auditedModel.getUserId(), auditedModel.getModelClassName(),
181 String.valueOf(auditedModel.getPrimaryKeyObj()),
182 serviceContext.getModelPermissions(),
183 getPermissionedModel(auditedModel));
184 }
185 }
186
187 @Override
188 public void addModelResources(
189 long companyId, long groupId, long userId, String name,
190 long primKey, ModelPermissions modelPermissions)
191 throws PortalException {
192
193 addModelResources(
194 companyId, groupId, userId, name, String.valueOf(primKey),
195 modelPermissions, null);
196 }
197
198
213 @Override
214 public void addModelResources(
215 long companyId, long groupId, long userId, String name,
216 long primKey, String[] groupPermissions, String[] guestPermissions)
217 throws PortalException {
218
219 addModelResources(
220 companyId, groupId, userId, name, String.valueOf(primKey),
221 groupPermissions, guestPermissions, null);
222 }
223
224 @Override
225 public void addModelResources(
226 long companyId, long groupId, long userId, String name,
227 String primKey, ModelPermissions modelPermissions)
228 throws PortalException {
229
230 addModelResources(
231 companyId, groupId, userId, name, primKey, modelPermissions, null);
232 }
233
234
249 @Override
250 public void addModelResources(
251 long companyId, long groupId, long userId, String name,
252 String primKey, String[] groupPermissions,
253 String[] guestPermissions)
254 throws PortalException {
255
256 addModelResources(
257 companyId, groupId, userId, name, primKey, groupPermissions,
258 guestPermissions, null);
259 }
260
261
279 @Override
280 public void addResources(
281 long companyId, long groupId, long userId, String name,
282 long primKey, boolean portletActions, boolean addGroupPermissions,
283 boolean addGuestPermissions)
284 throws PortalException {
285
286 addResources(
287 companyId, groupId, userId, name, String.valueOf(primKey),
288 portletActions, addGroupPermissions, addGuestPermissions, null);
289 }
290
291
309 @Override
310 public void addResources(
311 long companyId, long groupId, long userId, String name,
312 String primKey, boolean portletActions, boolean addGroupPermissions,
313 boolean addGuestPermissions)
314 throws PortalException {
315
316 addResources(
317 companyId, groupId, userId, name, primKey, portletActions,
318 addGroupPermissions, addGuestPermissions, null);
319 }
320
321
332 @Override
333 public void addResources(
334 long companyId, long groupId, String name, boolean portletActions)
335 throws PortalException {
336
337 addResources(
338 companyId, groupId, 0, name, null, portletActions, false, false);
339 }
340
341
348 @Override
349 public void deleteResource(AuditedModel auditedModel, int scope)
350 throws PortalException {
351
352 deleteResource(
353 auditedModel.getCompanyId(), auditedModel.getModelClassName(),
354 scope, String.valueOf(auditedModel.getPrimaryKeyObj()),
355 getPermissionedModel(auditedModel));
356 }
357
358
368 @Override
369 public void deleteResource(
370 long companyId, String name, int scope, long primKey)
371 throws PortalException {
372
373 deleteResource(companyId, name, scope, String.valueOf(primKey), null);
374 }
375
376
386 @Override
387 public void deleteResource(
388 long companyId, String name, int scope, String primKey)
389 throws PortalException {
390
391 deleteResource(companyId, name, scope, primKey, null);
392 }
393
394
405 @Override
406 public Resource getResource(
407 long companyId, String name, int scope, String primKey) {
408
409 Resource resource = new ResourceImpl();
410
411 resource.setCompanyId(companyId);
412 resource.setName(name);
413 resource.setScope(scope);
414 resource.setPrimKey(primKey);
415
416 return resource;
417 }
418
419
435 @Override
436 public boolean hasUserPermissions(
437 long userId, long resourceId, List<Resource> resources,
438 String actionId, long[] roleIds)
439 throws PortalException {
440
441 StopWatch stopWatch = new StopWatch();
442
443 stopWatch.start();
444
445 int block = 1;
446
447 boolean hasUserPermissions =
448 resourcePermissionLocalService.hasResourcePermission(
449 resources, roleIds, actionId);
450
451 logHasUserPermissions(userId, resourceId, actionId, stopWatch, block++);
452
453 return hasUserPermissions;
454 }
455
456
464 @Override
465 public void updateModelResources(
466 AuditedModel auditedModel, ServiceContext serviceContext)
467 throws PortalException {
468
469 updateResources(
470 auditedModel.getCompanyId(), getGroupId(auditedModel),
471 auditedModel.getModelClassName(),
472 String.valueOf(auditedModel.getPrimaryKeyObj()),
473 serviceContext.getModelPermissions(),
474 getPermissionedModel(auditedModel));
475 }
476
477
488 @Override
489 public void updateResources(
490 long companyId, long groupId, String name, long primKey,
491 ModelPermissions modelPermissions)
492 throws PortalException {
493
494 updateResources(
495 companyId, groupId, name, String.valueOf(primKey), modelPermissions,
496 null);
497 }
498
499
511 @Override
512 public void updateResources(
513 long companyId, long groupId, String name, long primKey,
514 String[] groupPermissions, String[] guestPermissions)
515 throws PortalException {
516
517 updateResources(
518 companyId, groupId, name, String.valueOf(primKey), groupPermissions,
519 guestPermissions, null);
520 }
521
522
533 @Override
534 public void updateResources(
535 long companyId, long groupId, String name, String primKey,
536 ModelPermissions modelPermissions)
537 throws PortalException {
538
539 updateResources(
540 companyId, groupId, name, primKey, modelPermissions, null);
541 }
542
543
555 @Override
556 public void updateResources(
557 long companyId, long groupId, String name, String primKey,
558 String[] groupPermissions, String[] guestPermissions)
559 throws PortalException {
560
561 ModelPermissions modelPermissions = ModelPermissionsFactory.create(
562 groupPermissions, guestPermissions);
563
564 updateResources(
565 companyId, groupId, name, primKey, modelPermissions, null);
566 }
567
568
581 @Override
582 public void updateResources(
583 long companyId, String name, int scope, String primKey,
584 String newPrimKey) {
585
586 if (resourceBlockLocalService.isSupported(name)) {
587
588
589
590
591
592 }
593 else {
594 updateResourcePermissions(
595 companyId, name, scope, primKey, newPrimKey);
596 }
597 }
598
599 protected void addGroupPermissions(
600 long companyId, long groupId, long userId, String name,
601 Resource resource, boolean portletActions,
602 PermissionedModel permissionedModel)
603 throws PortalException {
604
605 List<String> actions = null;
606
607 if (portletActions) {
608 actions = ResourceActionsUtil.getPortletResourceGroupDefaultActions(
609 name);
610 }
611 else {
612 actions = ResourceActionsUtil.getModelResourceGroupDefaultActions(
613 name);
614 }
615
616 String[] actionIds = actions.toArray(new String[actions.size()]);
617
618 if (resourceBlockLocalService.isSupported(name)) {
619 addGroupPermissionsBlocks(
620 groupId, resource, actions, permissionedModel);
621 }
622 else {
623 addGroupPermissions(groupId, resource, actionIds);
624 }
625 }
626
627 protected void addGroupPermissions(
628 long groupId, Resource resource, String[] actionIds)
629 throws PortalException {
630
631 Role role = roleLocalService.getDefaultGroupRole(groupId);
632
633 resourcePermissionLocalService.setResourcePermissions(
634 resource.getCompanyId(), resource.getName(), resource.getScope(),
635 resource.getPrimKey(), role.getRoleId(), actionIds);
636 }
637
638 protected void addGroupPermissionsBlocks(
639 long groupId, Resource resource, List<String> actionIds,
640 PermissionedModel permissionedModel)
641 throws PortalException {
642
643 if (permissionedModel == null) {
644 throw new IllegalArgumentException("Permissioned model is null");
645 }
646
647
648
649 Role role = roleLocalService.getDefaultGroupRole(groupId);
650
651 resourceBlockLocalService.setIndividualScopePermissions(
652 resource.getCompanyId(), groupId, resource.getName(),
653 permissionedModel, role.getRoleId(), actionIds);
654 }
655
656 protected void addGuestPermissions(
657 long companyId, long groupId, long userId, String name,
658 Resource resource, boolean portletActions,
659 PermissionedModel permissionedModel)
660 throws PortalException {
661
662 List<String> actions = null;
663
664 if (portletActions) {
665 actions = ResourceActionsUtil.getPortletResourceGuestDefaultActions(
666 name);
667 }
668 else {
669 actions = ResourceActionsUtil.getModelResourceGuestDefaultActions(
670 name);
671 }
672
673 String[] actionIds = actions.toArray(new String[actions.size()]);
674
675 if (resourceBlockLocalService.isSupported(name)) {
676 addGuestPermissionsBlocks(
677 companyId, groupId, resource, actions, permissionedModel);
678 }
679 else {
680 addGuestPermissions(companyId, resource, actionIds);
681 }
682 }
683
684 protected void addGuestPermissions(
685 long companyId, Resource resource, String[] actionIds)
686 throws PortalException {
687
688 Role guestRole = roleLocalService.getRole(
689 companyId, RoleConstants.GUEST);
690
691 resourcePermissionLocalService.setResourcePermissions(
692 resource.getCompanyId(), resource.getName(), resource.getScope(),
693 resource.getPrimKey(), guestRole.getRoleId(), actionIds);
694 }
695
696 protected void addGuestPermissionsBlocks(
697 long companyId, long groupId, Resource resource,
698 List<String> actionIds, PermissionedModel permissionedModel)
699 throws PortalException {
700
701 if (permissionedModel == null) {
702 throw new IllegalArgumentException("Permissioned model is null");
703 }
704
705
706
707 Role guestRole = roleLocalService.getRole(
708 companyId, RoleConstants.GUEST);
709
710 resourceBlockLocalService.setIndividualScopePermissions(
711 resource.getCompanyId(), groupId, resource.getName(),
712 permissionedModel, guestRole.getRoleId(), actionIds);
713 }
714
715 protected void addModelResources(
716 long companyId, long groupId, long userId, Resource resource,
717 ModelPermissions modelPermissions,
718 PermissionedModel permissionedModel)
719 throws PortalException {
720
721
722
723 Role ownerRole = roleLocalService.getRole(
724 companyId, RoleConstants.OWNER);
725
726 List<String> ownerActionIds =
727 ResourceActionsUtil.getModelResourceActions(resource.getName());
728
729 ownerActionIds = ListUtil.copy(ownerActionIds);
730
731 filterOwnerActions(resource.getName(), ownerActionIds);
732
733 String[] ownerPermissions = ownerActionIds.toArray(
734 new String[ownerActionIds.size()]);
735
736 if (resourceBlockLocalService.isSupported(resource.getName())) {
737 if (permissionedModel == null) {
738 throw new IllegalArgumentException(
739 "Permissioned model is null");
740 }
741
742
743
744 resourceBlockLocalService.setIndividualScopePermissions(
745 resource.getCompanyId(), groupId, resource.getName(),
746 permissionedModel, ownerRole.getRoleId(), ownerActionIds);
747
748 if (modelPermissions != null) {
749 for (String roleName : modelPermissions.getRoleNames()) {
750 Role role = getRole(
751 resource.getCompanyId(), groupId, roleName);
752
753 resourceBlockLocalService.setIndividualScopePermissions(
754 resource.getCompanyId(), groupId, resource.getName(),
755 permissionedModel, role.getRoleId(),
756 modelPermissions.getActionIdsList(roleName));
757 }
758 }
759 }
760 else {
761 resourcePermissionLocalService.setOwnerResourcePermissions(
762 resource.getCompanyId(), resource.getName(),
763 resource.getScope(), resource.getPrimKey(),
764 ownerRole.getRoleId(), userId, ownerPermissions);
765
766 if (modelPermissions != null) {
767 for (String roleName : modelPermissions.getRoleNames()) {
768 Role role = getRole(
769 resource.getCompanyId(), groupId, roleName);
770
771 resourcePermissionLocalService.setResourcePermissions(
772 resource.getCompanyId(), resource.getName(),
773 resource.getScope(), resource.getPrimKey(),
774 role.getRoleId(),
775 modelPermissions.getActionIds(roleName));
776 }
777 }
778 }
779 }
780
781 protected void addModelResources(
782 long companyId, long groupId, long userId, Resource resource,
783 String[] groupPermissions, String[] guestPermissions,
784 PermissionedModel permissionedModel)
785 throws PortalException {
786
787 ModelPermissions modelPermissions = ModelPermissionsFactory.create(
788 groupPermissions, guestPermissions);
789
790 addModelResources(
791 companyId, groupId, userId, resource, modelPermissions,
792 permissionedModel);
793 }
794
795 protected void addModelResources(
796 long companyId, long groupId, long userId, String name,
797 String primKey, ModelPermissions modelPermissions,
798 PermissionedModel permissionedModel)
799 throws PortalException {
800
801 if (!PermissionThreadLocal.isAddResource()) {
802 return;
803 }
804
805 validate(name, false);
806
807 if (primKey == null) {
808 return;
809 }
810
811
812
813 Resource resource = getResource(
814 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
815
816
817
818 boolean flushResourceBlockEnabled =
819 PermissionThreadLocal.isFlushResourceBlockEnabled(
820 companyId, groupId, name);
821 boolean flushResourcePermissionEnabled =
822 PermissionThreadLocal.isFlushResourcePermissionEnabled(
823 name, primKey);
824
825 PermissionThreadLocal.setFlushResourceBlockEnabled(
826 companyId, groupId, name, false);
827 PermissionThreadLocal.setFlushResourcePermissionEnabled(
828 name, primKey, false);
829
830 try {
831 addModelResources(
832 companyId, groupId, userId, resource, modelPermissions,
833 permissionedModel);
834 }
835 finally {
836 PermissionThreadLocal.setFlushResourceBlockEnabled(
837 companyId, groupId, name, flushResourceBlockEnabled);
838 PermissionThreadLocal.setFlushResourcePermissionEnabled(
839 name, primKey, flushResourcePermissionEnabled);
840
841 PermissionCacheUtil.clearResourceBlockCache(
842 companyId, groupId, name);
843 PermissionCacheUtil.clearResourcePermissionCache(
844 ResourceConstants.SCOPE_INDIVIDUAL, name, primKey);
845
846 IndexWriterHelperUtil.updatePermissionFields(name, primKey);
847 }
848 }
849
850 protected void addModelResources(
851 long companyId, long groupId, long userId, String name,
852 String primKey, String[] groupPermissions,
853 String[] guestPermissions, PermissionedModel permissionedModel)
854 throws PortalException {
855
856 ModelPermissions modelPermissions = ModelPermissionsFactory.create(
857 groupPermissions, guestPermissions);
858
859 addModelResources(
860 companyId, groupId, userId, name, primKey, modelPermissions,
861 permissionedModel);
862 }
863
864 protected void addResources(
865 long companyId, long groupId, long userId, Resource resource,
866 boolean portletActions, PermissionedModel permissionedModel)
867 throws PortalException {
868
869 List<String> actionIds = null;
870
871 if (portletActions) {
872 actionIds = ResourceActionsUtil.getPortletResourceActions(
873 resource.getName());
874 }
875 else {
876 actionIds = ResourceActionsUtil.getModelResourceActions(
877 resource.getName());
878
879 actionIds = ListUtil.copy(actionIds);
880
881 filterOwnerActions(resource.getName(), actionIds);
882 }
883
884 Role role = roleLocalService.getRole(companyId, RoleConstants.OWNER);
885
886 if (resourceBlockLocalService.isSupported(resource.getName())) {
887 if (permissionedModel == null) {
888 throw new IllegalArgumentException(
889 "Permissioned model is null");
890 }
891
892
893
894 resourceBlockLocalService.setIndividualScopePermissions(
895 resource.getCompanyId(), groupId, resource.getName(),
896 permissionedModel, role.getRoleId(), actionIds);
897 }
898 else {
899 resourcePermissionLocalService.setOwnerResourcePermissions(
900 resource.getCompanyId(), resource.getName(),
901 resource.getScope(), resource.getPrimKey(), role.getRoleId(),
902 userId, actionIds.toArray(new String[actionIds.size()]));
903 }
904 }
905
906 protected void addResources(
907 long companyId, long groupId, long userId, String name,
908 String primKey, boolean portletActions, boolean addGroupPermissions,
909 boolean addGuestPermissions, PermissionedModel permissionedModel)
910 throws PortalException {
911
912 if (!PermissionThreadLocal.isAddResource()) {
913 return;
914 }
915
916 validate(name, portletActions);
917
918 if (primKey == null) {
919 return;
920 }
921
922
923
924 Resource resource = getResource(
925 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
926
927
928
929 boolean flushResourceBlockEnabled =
930 PermissionThreadLocal.isFlushResourceBlockEnabled(
931 companyId, groupId, name);
932 boolean flushResourcePermissionEnabled =
933 PermissionThreadLocal.isFlushResourcePermissionEnabled(
934 name, primKey);
935
936 PermissionThreadLocal.setFlushResourceBlockEnabled(
937 companyId, groupId, name, false);
938 PermissionThreadLocal.setFlushResourcePermissionEnabled(
939 name, primKey, false);
940
941 List<ResourcePermission> resourcePermissions =
942 resourcePermissionPersistence.findByC_N_S_P(
943 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
944
945 ResourcePermissionsThreadLocal.setResourcePermissions(
946 resourcePermissions);
947
948 try {
949 addResources(
950 companyId, groupId, userId, resource, portletActions,
951 permissionedModel);
952
953
954
955 if ((groupId > 0) && addGroupPermissions) {
956 addGroupPermissions(
957 companyId, groupId, userId, name, resource, portletActions,
958 permissionedModel);
959 }
960
961
962
963 if (addGuestPermissions) {
964
965
966
967
968 addGuestPermissions(
969 companyId, groupId, userId, name, resource, portletActions,
970 permissionedModel);
971 }
972 }
973 finally {
974 ResourcePermissionsThreadLocal.setResourcePermissions(null);
975
976 PermissionThreadLocal.setFlushResourceBlockEnabled(
977 companyId, groupId, name, flushResourceBlockEnabled);
978 PermissionThreadLocal.setFlushResourcePermissionEnabled(
979 name, primKey, flushResourcePermissionEnabled);
980
981 PermissionCacheUtil.clearResourceBlockCache(
982 companyId, groupId, name);
983 PermissionCacheUtil.clearResourcePermissionCache(
984 ResourceConstants.SCOPE_INDIVIDUAL, name, primKey);
985
986 IndexWriterHelperUtil.updatePermissionFields(name, primKey);
987 }
988 }
989
990 protected void deleteResource(
991 long companyId, String name, int scope, String primKey,
992 PermissionedModel permissionedModel)
993 throws PortalException {
994
995 if (resourceBlockLocalService.isSupported(name)) {
996 if (permissionedModel == null) {
997 throw new IllegalArgumentException(
998 "Permissioned model is null");
999 }
1000
1001 resourceBlockLocalService.releasePermissionedModelResourceBlock(
1002 permissionedModel);
1003
1004 return;
1005 }
1006
1007 resourcePermissionLocalService.deleteResourcePermissions(
1008 companyId, name, scope, primKey);
1009 }
1010
1011 protected void filterOwnerActions(String name, List<String> actionIds) {
1012 List<String> defaultOwnerActions =
1013 ResourceActionsUtil.getModelResourceOwnerDefaultActions(name);
1014
1015 if (defaultOwnerActions.isEmpty()) {
1016 return;
1017 }
1018
1019 Iterator<String> itr = actionIds.iterator();
1020
1021 while (itr.hasNext()) {
1022 String actionId = itr.next();
1023
1024 if (!defaultOwnerActions.contains(actionId)) {
1025 itr.remove();
1026 }
1027 }
1028 }
1029
1030 protected long getGroupId(AuditedModel auditedModel) {
1031 long groupId = 0;
1032
1033 if (auditedModel instanceof GroupedModel) {
1034 GroupedModel groupedModel = (GroupedModel)auditedModel;
1035
1036 groupId = BeanPropertiesUtil.getLongSilent(
1037 groupedModel, "resourceGroupId", groupedModel.getGroupId());
1038 }
1039
1040 return groupId;
1041 }
1042
1043 protected PermissionedModel getPermissionedModel(
1044 AuditedModel auditedModel) {
1045
1046 PermissionedModel permissionedModel = null;
1047
1048 if (auditedModel instanceof PermissionedModel) {
1049 permissionedModel = (PermissionedModel)auditedModel;
1050 }
1051
1052 return permissionedModel;
1053 }
1054
1055 protected Role getRole(long companyId, long groupId, String roleName)
1056 throws PortalException {
1057
1058 if (roleName.equals(RoleConstants.PLACEHOLDER_DEFAULT_GROUP_ROLE)) {
1059 if (groupId == 0) {
1060 throw new NoSuchRoleException(
1061 "Specify a group ID other than 0 for role name " +
1062 RoleConstants.PLACEHOLDER_DEFAULT_GROUP_ROLE);
1063 }
1064
1065 return roleLocalService.getDefaultGroupRole(groupId);
1066 }
1067
1068 return roleLocalService.getRole(companyId, roleName);
1069 }
1070
1071 protected void logHasUserPermissions(
1072 long userId, long resourceId, String actionId, StopWatch stopWatch,
1073 int block) {
1074
1075 if (!_log.isDebugEnabled()) {
1076 return;
1077 }
1078
1079 _log.debug(
1080 "Checking user permissions block " + block + " for " + userId +
1081 " " + resourceId + " " + actionId + " takes " +
1082 stopWatch.getTime() + " ms");
1083 }
1084
1085 protected void updateResourceBlocks(
1086 long companyId, long groupId, Resource resource,
1087 String[] groupPermissions, String[] guestPermissions,
1088 PermissionedModel permissionedModel)
1089 throws PortalException {
1090
1091 if (permissionedModel == null) {
1092 throw new IllegalArgumentException("Permissioned model is null");
1093 }
1094
1095
1096
1097 Role role = roleLocalService.getDefaultGroupRole(groupId);
1098
1099 resourceBlockLocalService.setIndividualScopePermissions(
1100 companyId, groupId, resource.getName(), permissionedModel,
1101 role.getRoleId(), Arrays.asList(groupPermissions));
1102
1103 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1104
1105 resourceBlockLocalService.setIndividualScopePermissions(
1106 companyId, groupId, resource.getName(), permissionedModel,
1107 role.getRoleId(), Arrays.asList(guestPermissions));
1108 }
1109
1110 protected void updateResourceBlocks(
1111 long groupId, Resource resource, ModelPermissions modelPermissions,
1112 PermissionedModel permissionedModel)
1113 throws PortalException {
1114
1115 if (permissionedModel == null) {
1116 throw new IllegalArgumentException("Permissioned model is null");
1117 }
1118
1119
1120
1121 for (String roleName : modelPermissions.getRoleNames()) {
1122 Role role = getRole(resource.getCompanyId(), groupId, roleName);
1123
1124 resourceBlockLocalService.setIndividualScopePermissions(
1125 role.getCompanyId(), groupId, resource.getName(),
1126 permissionedModel, role.getRoleId(),
1127 modelPermissions.getActionIdsList(roleName));
1128 }
1129 }
1130
1131 protected void updateResourcePermissions(
1132 long companyId, long groupId, Resource resource,
1133 String[] groupPermissions, String[] guestPermissions)
1134 throws PortalException {
1135
1136 Role role = roleLocalService.getDefaultGroupRole(groupId);
1137
1138 resourcePermissionLocalService.setResourcePermissions(
1139 resource.getCompanyId(), resource.getName(), resource.getScope(),
1140 resource.getPrimKey(), role.getRoleId(), groupPermissions);
1141
1142 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1143
1144 resourcePermissionLocalService.setResourcePermissions(
1145 resource.getCompanyId(), resource.getName(), resource.getScope(),
1146 resource.getPrimKey(), role.getRoleId(), guestPermissions);
1147 }
1148
1149 protected void updateResourcePermissions(
1150 long groupId, Resource resource, ModelPermissions modelPermissions)
1151 throws PortalException {
1152
1153 for (String roleName : modelPermissions.getRoleNames()) {
1154 Role role = getRole(resource.getCompanyId(), groupId, roleName);
1155
1156 List<String> actionIds = modelPermissions.getActionIdsList(
1157 roleName);
1158
1159 resourcePermissionLocalService.setResourcePermissions(
1160 resource.getCompanyId(), resource.getName(),
1161 resource.getScope(), resource.getPrimKey(), role.getRoleId(),
1162 actionIds.toArray(new String[actionIds.size()]));
1163 }
1164 }
1165
1166 protected void updateResourcePermissions(
1167 long companyId, String name, int scope, String primKey,
1168 String newPrimKey) {
1169
1170 List<ResourcePermission> resourcePermissions =
1171 resourcePermissionLocalService.getResourcePermissions(
1172 companyId, name, scope, primKey);
1173
1174 for (ResourcePermission resourcePermission : resourcePermissions) {
1175 resourcePermission.setPrimKey(newPrimKey);
1176 resourcePermission.setPrimKeyId(GetterUtil.getLong(newPrimKey));
1177
1178 resourcePermissionPersistence.update(resourcePermission);
1179 }
1180 }
1181
1182 protected void updateResources(
1183 long companyId, long groupId, String name, String primKey,
1184 ModelPermissions modelPermissions,
1185 PermissionedModel permissionedModel)
1186 throws PortalException {
1187
1188 Resource resource = getResource(
1189 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
1190
1191 if (resourceBlockLocalService.isSupported(name)) {
1192 updateResourceBlocks(
1193 groupId, resource, modelPermissions, permissionedModel);
1194 }
1195 else {
1196 updateResourcePermissions(groupId, resource, modelPermissions);
1197 }
1198 }
1199
1200 protected void updateResources(
1201 long companyId, long groupId, String name, String primKey,
1202 String[] groupPermissions, String[] guestPermissions,
1203 PermissionedModel permissionedModel)
1204 throws PortalException {
1205
1206 Resource resource = getResource(
1207 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
1208
1209 if (groupPermissions == null) {
1210 groupPermissions = new String[0];
1211 }
1212
1213 if (guestPermissions == null) {
1214 guestPermissions = new String[0];
1215 }
1216
1217 if (resourceBlockLocalService.isSupported(name)) {
1218 updateResourceBlocks(
1219 companyId, groupId, resource, groupPermissions,
1220 guestPermissions, permissionedModel);
1221 }
1222 else {
1223 updateResourcePermissions(
1224 companyId, groupId, resource, groupPermissions,
1225 guestPermissions);
1226 }
1227 }
1228
1229 protected void validate(String name, boolean portletActions)
1230 throws PortalException {
1231
1232 List<String> actions = null;
1233
1234 if (portletActions) {
1235 actions = ResourceActionsUtil.getPortletResourceActions(name);
1236 }
1237 else {
1238 actions = ResourceActionsUtil.getModelResourceActions(name);
1239 }
1240
1241 if (actions.isEmpty()) {
1242 throw new ResourceActionsException(
1243 "There are no actions associated with the resource " + name);
1244 }
1245 }
1246
1247 private static final Log _log = LogFactoryUtil.getLog(
1248 ResourceLocalServiceImpl.class);
1249
1250 }