001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.portletconfiguration.action;
016    
017    import com.liferay.portal.kernel.servlet.SessionErrors;
018    import com.liferay.portal.kernel.util.GetterUtil;
019    import com.liferay.portal.kernel.util.ParamUtil;
020    import com.liferay.portal.kernel.util.StringUtil;
021    import com.liferay.portal.kernel.util.Validator;
022    import com.liferay.portal.model.Layout;
023    import com.liferay.portal.model.Portlet;
024    import com.liferay.portal.model.PortletConstants;
025    import com.liferay.portal.security.auth.PrincipalException;
026    import com.liferay.portal.security.permission.PermissionPropagator;
027    import com.liferay.portal.service.LayoutLocalServiceUtil;
028    import com.liferay.portal.service.PermissionServiceUtil;
029    import com.liferay.portal.service.PortletLocalServiceUtil;
030    import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
031    import com.liferay.portal.service.ResourceBlockServiceUtil;
032    import com.liferay.portal.service.ResourcePermissionServiceUtil;
033    import com.liferay.portal.servlet.filters.cache.CacheUtil;
034    import com.liferay.portal.struts.PortletAction;
035    import com.liferay.portal.theme.ThemeDisplay;
036    import com.liferay.portal.util.PropsValues;
037    import com.liferay.portal.util.WebKeys;
038    import com.liferay.portlet.StrictPortletPreferencesImpl;
039    import com.liferay.portlet.portletconfiguration.util.ConfigurationActionRequest;
040    import com.liferay.portlet.portletconfiguration.util.ConfigurationRenderRequest;
041    
042    import java.util.ArrayList;
043    import java.util.Date;
044    import java.util.Enumeration;
045    import java.util.HashMap;
046    import java.util.List;
047    import java.util.Map;
048    
049    import javax.portlet.ActionRequest;
050    import javax.portlet.ActionResponse;
051    import javax.portlet.PortletConfig;
052    import javax.portlet.RenderRequest;
053    import javax.portlet.RenderResponse;
054    
055    import org.apache.struts.action.ActionForm;
056    import org.apache.struts.action.ActionForward;
057    import org.apache.struts.action.ActionMapping;
058    
059    /**
060     * @author Brian Wing Shun Chan
061     * @author Connor McKay
062     */
063    public class EditPermissionsAction extends PortletAction {
064    
065            @Override
066            public void processAction(
067                            ActionMapping actionMapping, ActionForm actionForm,
068                            PortletConfig portletConfig, ActionRequest actionRequest,
069                            ActionResponse actionResponse)
070                    throws Exception {
071    
072                    try {
073                            actionRequest = new ConfigurationActionRequest(
074                                    actionRequest, new StrictPortletPreferencesImpl());
075    
076                            updateRolePermissions(actionRequest);
077    
078                            addSuccessMessage(actionRequest, actionResponse);
079                    }
080                    catch (Exception e) {
081                            if (e instanceof PrincipalException) {
082                                    SessionErrors.add(actionRequest, e.getClass());
083    
084                                    setForward(
085                                            actionRequest, "portlet.portlet_configuration.error");
086                            }
087                            else {
088                                    throw e;
089                            }
090                    }
091            }
092    
093            @Override
094            public ActionForward render(
095                            ActionMapping actionMapping, ActionForm actionForm,
096                            PortletConfig portletConfig, RenderRequest renderRequest,
097                            RenderResponse renderResponse)
098                    throws Exception {
099    
100                    renderRequest = new ConfigurationRenderRequest(
101                            renderRequest, new StrictPortletPreferencesImpl());
102    
103                    ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
104                            WebKeys.THEME_DISPLAY);
105    
106                    long groupId = ParamUtil.getLong(
107                            renderRequest, "resourceGroupId", themeDisplay.getScopeGroupId());
108    
109                    String portletResource = ParamUtil.getString(
110                            renderRequest, "portletResource");
111                    String modelResource = ParamUtil.getString(
112                            renderRequest, "modelResource");
113                    String resourcePrimKey = ParamUtil.getString(
114                            renderRequest, "resourcePrimKey");
115    
116                    String selResource = portletResource;
117    
118                    if (Validator.isNotNull(modelResource)) {
119                            selResource = modelResource;
120                    }
121    
122                    try {
123                            PermissionServiceUtil.checkPermission(
124                                    groupId, selResource, resourcePrimKey);
125                    }
126                    catch (PrincipalException pe) {
127                            SessionErrors.add(
128                                    renderRequest, PrincipalException.class.getName());
129    
130                            return actionMapping.findForward(
131                                    "portlet.portlet_configuration.error");
132                    }
133    
134                    Portlet portlet = PortletLocalServiceUtil.getPortletById(
135                            themeDisplay.getCompanyId(), portletResource);
136    
137                    if (portlet != null) {
138                            renderResponse.setTitle(
139                                    ActionUtil.getTitle(portlet, renderRequest));
140                    }
141    
142                    return actionMapping.findForward(
143                            getForward(
144                                    renderRequest,
145                                    "portlet.portlet_configuration.edit_permissions"));
146            }
147    
148            protected String[] getActionIds(
149                    ActionRequest actionRequest, long roleId, boolean includePreselected) {
150    
151                    List<String> actionIds = getActionIdsList(
152                            actionRequest, roleId, includePreselected);
153    
154                    return actionIds.toArray(new String[actionIds.size()]);
155            }
156    
157            protected List<String> getActionIdsList(
158                    ActionRequest actionRequest, long roleId, boolean includePreselected) {
159    
160                    List<String> actionIds = new ArrayList<String>();
161    
162                    Enumeration<String> enu = actionRequest.getParameterNames();
163    
164                    while (enu.hasMoreElements()) {
165                            String name = enu.nextElement();
166    
167                            if (name.startsWith(roleId + ActionUtil.ACTION)) {
168                                    int pos = name.indexOf(ActionUtil.ACTION);
169    
170                                    String actionId = name.substring(
171                                            pos + ActionUtil.ACTION.length());
172    
173                                    actionIds.add(actionId);
174                            }
175                            else if (includePreselected &&
176                                             name.startsWith(roleId + ActionUtil.PRESELECTED)) {
177    
178                                    int pos = name.indexOf(ActionUtil.PRESELECTED);
179    
180                                    String actionId = name.substring(
181                                            pos + ActionUtil.PRESELECTED.length());
182    
183                                    actionIds.add(actionId);
184                            }
185                    }
186    
187                    return actionIds;
188            }
189    
190            protected void updateLayoutModifiedDate(
191                            String selResource, String resourcePrimKey)
192                    throws Exception {
193    
194                    long plid = 0;
195    
196                    int pos = resourcePrimKey.indexOf(PortletConstants.LAYOUT_SEPARATOR);
197    
198                    if (pos != -1) {
199                            plid = GetterUtil.getLong(resourcePrimKey.substring(0, pos));
200                    }
201                    else if (selResource.equals(Layout.class.getName())) {
202                            plid = GetterUtil.getLong(resourcePrimKey);
203                    }
204    
205                    if (plid <= 0) {
206                            return;
207                    }
208    
209                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
210    
211                    if (layout != null) {
212                            layout.setModifiedDate(new Date());
213    
214                            LayoutLocalServiceUtil.updateLayout(layout);
215    
216                            CacheUtil.clearCache(layout.getCompanyId());
217                    }
218            }
219    
220            protected void updateRolePermissions(ActionRequest actionRequest)
221                    throws Exception {
222    
223                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
224                            WebKeys.THEME_DISPLAY);
225    
226                    String portletResource = ParamUtil.getString(
227                            actionRequest, "portletResource");
228                    String modelResource = ParamUtil.getString(
229                            actionRequest, "modelResource");
230                    long[] roleIds = StringUtil.split(
231                            ParamUtil.getString(
232                                    actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
233    
234                    String selResource = PortletConstants.getRootPortletId(portletResource);
235    
236                    if (Validator.isNotNull(modelResource)) {
237                            selResource = modelResource;
238                    }
239    
240                    long resourceGroupId = ParamUtil.getLong(
241                            actionRequest, "resourceGroupId", themeDisplay.getScopeGroupId());
242                    String resourcePrimKey = ParamUtil.getString(
243                            actionRequest, "resourcePrimKey");
244    
245                    Map<Long, String[]> roleIdsToActionIds = new HashMap<Long, String[]>();
246    
247                    if (ResourceBlockLocalServiceUtil.isSupported(selResource)) {
248                            for (long roleId : roleIds) {
249                                    List<String> actionIds = getActionIdsList(
250                                            actionRequest, roleId, true);
251    
252                                    roleIdsToActionIds.put(
253                                            roleId, actionIds.toArray(new String[actionIds.size()]));
254                            }
255    
256                            ResourceBlockServiceUtil.setIndividualScopePermissions(
257                                    themeDisplay.getCompanyId(), resourceGroupId, selResource,
258                                    GetterUtil.getLong(resourcePrimKey), roleIdsToActionIds);
259                    }
260                    else {
261                            for (long roleId : roleIds) {
262                                    String[] actionIds = getActionIds(actionRequest, roleId, false);
263    
264                                    roleIdsToActionIds.put(roleId, actionIds);
265                            }
266    
267                            ResourcePermissionServiceUtil.setIndividualResourcePermissions(
268                                    resourceGroupId, themeDisplay.getCompanyId(), selResource,
269                                    resourcePrimKey, roleIdsToActionIds);
270                    }
271    
272                    updateLayoutModifiedDate(selResource, resourcePrimKey);
273    
274                    if (PropsValues.PERMISSIONS_PROPAGATION_ENABLED) {
275                            Portlet portlet = PortletLocalServiceUtil.getPortletById(
276                                    themeDisplay.getCompanyId(), portletResource);
277    
278                            PermissionPropagator permissionPropagator =
279                                    portlet.getPermissionPropagatorInstance();
280    
281                            if (permissionPropagator != null) {
282                                    permissionPropagator.propagateRolePermissions(
283                                            actionRequest, modelResource, resourcePrimKey, roleIds);
284                            }
285                    }
286            }
287    
288    }