001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.util.StringPool;
019    import com.liferay.portal.model.Group;
020    import com.liferay.portal.model.LayoutConstants;
021    import com.liferay.portal.model.Portlet;
022    import com.liferay.portal.security.permission.ActionKeys;
023    import com.liferay.portal.security.permission.PermissionChecker;
024    import com.liferay.portal.security.permission.ResourceActionsUtil;
025    import com.liferay.portal.service.permission.PortletPermissionUtil;
026    import com.liferay.portal.theme.ThemeDisplay;
027    import com.liferay.portal.util.PortletCategoryKeys;
028    
029    import java.util.List;
030    
031    /**
032     * @author Jorge Ferrer
033     */
034    public abstract class BaseControlPanelEntry implements ControlPanelEntry {
035    
036            @Override
037            public boolean hasAccessPermission(
038                            PermissionChecker permissionChecker, Group group, Portlet portlet)
039                    throws Exception {
040    
041                    if (hasAccessPermissionDenied(permissionChecker, group, portlet)) {
042                            return false;
043                    }
044    
045                    if (hasAccessPermissionExplicitlyGranted(
046                                    permissionChecker, group, portlet)) {
047    
048                            return true;
049                    }
050    
051                    return hasPermissionImplicitlyGranted(
052                            permissionChecker, group, portlet);
053            }
054    
055            /**
056             * @deprecated As of 6.2.0, with no direct replacement.<p>This method was
057             *             originally defined to determine if a portlet should be
058             *             displayed in the Control Panel. In this version, this method
059             *             should always return <code>false</code> and remains only to
060             *             preserve binary compatibility. This method will be
061             *             permanently removed in a future version.</p><p>In lieu of
062             *             this method, the Control Panel now uses {@link
063             *             #hasAccessPermission} to determine if a portlet should be
064             *             displayed in the Control Panel.</p>
065             */
066            @Deprecated
067            @Override
068            public boolean isVisible(
069                            PermissionChecker permissionChecker, Portlet portlet)
070                    throws Exception {
071    
072                    return false;
073            }
074    
075            /**
076             * @deprecated As of 6.2.0, with no direct replacement.<p>This method was
077             *             originally defined to determine if a portlet should be
078             *             displayed in the Control Panel. In this version, this method
079             *             should always return <code>false</code> and remains only to
080             *             preserve binary compatibility. This method will be
081             *             permanently removed in a future version.</p><p>In lieu of
082             *             this method, the Control Panel now uses {@link
083             *             #hasAccessPermission} to determine if a portlet should be
084             *             displayed in the Control Panel.</p>
085             */
086            @Deprecated
087            @Override
088            public boolean isVisible(
089                            Portlet portlet, String category, ThemeDisplay themeDisplay)
090                    throws Exception {
091    
092                    return false;
093            }
094    
095            protected long getDefaultPlid(Group group, String category) {
096                    long plid = LayoutConstants.DEFAULT_PLID;
097    
098                    if (category.startsWith(PortletCategoryKeys.SITE_ADMINISTRATION)) {
099                            plid = group.getDefaultPublicPlid();
100    
101                            if (plid == LayoutConstants.DEFAULT_PLID) {
102                                    plid = group.getDefaultPrivatePlid();
103                            }
104                    }
105    
106                    return plid;
107            }
108    
109            protected boolean hasAccessPermissionDenied(
110                            PermissionChecker permissionChecker, Group group, Portlet portlet)
111                    throws Exception {
112    
113                    String category = portlet.getControlPanelEntryCategory();
114    
115                    if (category.startsWith(PortletCategoryKeys.SITE_ADMINISTRATION) &&
116                            group.isLayoutPrototype()) {
117    
118                            return true;
119                    }
120    
121                    if (category.equals(PortletCategoryKeys.SITE_ADMINISTRATION_CONTENT) &&
122                            group.isLayout() && !portlet.isScopeable()) {
123    
124                            return true;
125                    }
126    
127                    return false;
128            }
129    
130            protected boolean hasAccessPermissionExplicitlyGranted(
131                            PermissionChecker permissionChecker, Group group, Portlet portlet)
132                    throws PortalException {
133    
134                    if (permissionChecker.isCompanyAdmin()) {
135                            return true;
136                    }
137    
138                    String category = portlet.getControlPanelEntryCategory();
139    
140                    if (category == null) {
141                            category = StringPool.BLANK;
142                    }
143    
144                    if (category.startsWith(PortletCategoryKeys.SITE_ADMINISTRATION)) {
145                            if (permissionChecker.isGroupAdmin(group.getGroupId()) &&
146                                    !group.isUser()) {
147    
148                                    return true;
149                            }
150                    }
151    
152                    long groupId = group.getGroupId();
153    
154                    if (category.equals(PortletCategoryKeys.CONTROL_PANEL_APPS) ||
155                            category.equals(PortletCategoryKeys.CONTROL_PANEL_CONFIGURATION) ||
156                            category.equals(PortletCategoryKeys.CONTROL_PANEL_SITES) ||
157                            category.equals(PortletCategoryKeys.CONTROL_PANEL_SYSTEM) ||
158                            category.equals(PortletCategoryKeys.CONTROL_PANEL_USERS)) {
159    
160                            groupId = 0;
161                    }
162    
163                    List<String> actions = ResourceActionsUtil.getResourceActions(
164                            portlet.getPortletId());
165    
166                    if (actions.contains(ActionKeys.ACCESS_IN_CONTROL_PANEL) &&
167                            PortletPermissionUtil.contains(
168                                    permissionChecker, groupId, 0, portlet.getRootPortletId(),
169                                    ActionKeys.ACCESS_IN_CONTROL_PANEL, true)) {
170    
171                            return true;
172                    }
173    
174                    return false;
175            }
176    
177            protected boolean hasPermissionImplicitlyGranted(
178                            PermissionChecker permissionChecker, Group group, Portlet portlet)
179                    throws Exception {
180    
181                    String category = portlet.getControlPanelEntryCategory();
182    
183                    if ((category != null) &&
184                            category.equals(PortletCategoryKeys.USER_MY_ACCOUNT)) {
185    
186                            return true;
187                    }
188    
189                    return false;
190            }
191    
192    }