001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.permission;
016    
017    import com.liferay.portal.kernel.dao.orm.QueryUtil;
018    import com.liferay.portal.kernel.exception.PortalException;
019    import com.liferay.portal.kernel.security.permission.PermissionConversionFilter;
020    import com.liferay.portal.kernel.security.permission.PermissionConverter;
021    import com.liferay.portal.model.Permission;
022    import com.liferay.portal.model.ResourceAction;
023    import com.liferay.portal.model.ResourceConstants;
024    import com.liferay.portal.model.ResourcePermission;
025    import com.liferay.portal.model.ResourceTypePermission;
026    import com.liferay.portal.model.Role;
027    import com.liferay.portal.model.RoleConstants;
028    import com.liferay.portal.model.impl.PermissionImpl;
029    import com.liferay.portal.service.ResourceActionLocalServiceUtil;
030    import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
031    import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
032    import com.liferay.portal.service.ResourceTypePermissionLocalServiceUtil;
033    import com.liferay.portal.service.RoleLocalServiceUtil;
034    
035    import java.util.ArrayList;
036    import java.util.List;
037    
038    /**
039     * @author Michael C. Han
040     */
041    public class PermissionConverterImpl implements PermissionConverter {
042    
043            @Override
044            public List<Permission> convertPermissions(long roleId)
045                    throws PortalException {
046    
047                    return convertPermissions(roleId, null);
048            }
049    
050            @Override
051            public List<Permission> convertPermissions(
052                            long roleId, PermissionConversionFilter permissionConversionFilter)
053                    throws PortalException {
054    
055                    Role role = RoleLocalServiceUtil.getRole(roleId);
056    
057                    return convertPermissions(role, permissionConversionFilter);
058            }
059    
060            @Override
061            public List<Permission> convertPermissions(Role role) {
062                    return convertPermissions(role, null);
063            }
064    
065            @Override
066            public List<Permission> convertPermissions(
067                    Role role, PermissionConversionFilter permissionConversionFilter) {
068    
069                    int[] scopes = new int[0];
070    
071                    if (role.getType() == RoleConstants.TYPE_REGULAR) {
072                            scopes = new int[] {
073                                    ResourceConstants.SCOPE_COMPANY, ResourceConstants.SCOPE_GROUP
074                            };
075                    }
076                    else if ((role.getType() == RoleConstants.TYPE_ORGANIZATION) ||
077                                     (role.getType() == RoleConstants.TYPE_PROVIDER) ||
078                                     (role.getType() == RoleConstants.TYPE_SITE)) {
079    
080                            scopes = new int[] {ResourceConstants.SCOPE_GROUP_TEMPLATE};
081                    }
082    
083                    List<Permission> permissions = new ArrayList<>();
084    
085                    List<ResourcePermission> resourcePermissions =
086                            ResourcePermissionLocalServiceUtil.getRoleResourcePermissions(
087                                    role.getRoleId(), scopes, QueryUtil.ALL_POS, QueryUtil.ALL_POS);
088    
089                    for (ResourcePermission resourcePermission : resourcePermissions) {
090                            if ((permissionConversionFilter != null) &&
091                                    !permissionConversionFilter.accept(role, resourcePermission)) {
092    
093                                    continue;
094                            }
095    
096                            List<ResourceAction> resourceActions =
097                                    ResourceActionLocalServiceUtil.getResourceActions(
098                                            resourcePermission.getName());
099    
100                            for (ResourceAction resourceAction : resourceActions) {
101                                    if (ResourcePermissionLocalServiceUtil.hasActionId(
102                                                    resourcePermission, resourceAction)) {
103    
104                                            Permission permission = new PermissionImpl();
105    
106                                            permission.setName(resourcePermission.getName());
107                                            permission.setScope(resourcePermission.getScope());
108                                            permission.setPrimKey(resourcePermission.getPrimKey());
109                                            permission.setActionId(resourceAction.getActionId());
110    
111                                            permissions.add(permission);
112                                    }
113                            }
114                    }
115    
116                    List<ResourceTypePermission> resourceTypePermissions =
117                            ResourceTypePermissionLocalServiceUtil.
118                                    getRoleResourceTypePermissions(role.getRoleId());
119    
120                    for (ResourceTypePermission resourceTypePermission :
121                                    resourceTypePermissions) {
122    
123                            if ((permissionConversionFilter != null) &&
124                                    !permissionConversionFilter.accept(
125                                            role, resourceTypePermission)) {
126    
127                                    continue;
128                            }
129    
130                            List<String> actionIds = ResourceBlockLocalServiceUtil.getActionIds(
131                                    resourceTypePermission.getName(),
132                                    resourceTypePermission.getActionIds());
133    
134                            for (String actionId : actionIds) {
135                                    Permission permission = new PermissionImpl();
136    
137                                    permission.setName(resourceTypePermission.getName());
138    
139                                    if (role.getType() == RoleConstants.TYPE_REGULAR) {
140                                            if (resourceTypePermission.isCompanyScope()) {
141                                                    permission.setScope(ResourceConstants.SCOPE_COMPANY);
142                                            }
143                                            else {
144                                                    permission.setScope(ResourceConstants.SCOPE_GROUP);
145                                            }
146                                    }
147                                    else {
148                                            permission.setScope(ResourceConstants.SCOPE_GROUP_TEMPLATE);
149                                    }
150    
151                                    permission.setPrimKey(
152                                            String.valueOf(resourceTypePermission.getGroupId()));
153    
154                                    permission.setActionId(actionId);
155    
156                                    permissions.add(permission);
157                            }
158                    }
159    
160                    return permissions;
161            }
162    
163    }