001
014
015 package com.liferay.portal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
021 import com.liferay.portal.kernel.util.StringUtil;
022 import com.liferay.portal.model.Group;
023 import com.liferay.portal.model.Layout;
024 import com.liferay.portal.model.LayoutTypePortlet;
025 import com.liferay.portal.model.Portlet;
026 import com.liferay.portal.model.PortletConstants;
027 import com.liferay.portal.model.impl.VirtualLayout;
028 import com.liferay.portal.security.auth.PrincipalException;
029 import com.liferay.portal.security.permission.ActionKeys;
030 import com.liferay.portal.security.permission.PermissionChecker;
031 import com.liferay.portal.security.permission.ResourceActionsUtil;
032 import com.liferay.portal.service.GroupLocalServiceUtil;
033 import com.liferay.portal.service.LayoutLocalServiceUtil;
034 import com.liferay.portal.service.PortletLocalServiceUtil;
035 import com.liferay.portal.util.PortletCategoryKeys;
036 import com.liferay.portal.util.PropsValues;
037 import com.liferay.portlet.ControlPanelEntry;
038 import com.liferay.portlet.sites.util.SitesUtil;
039
040 import java.util.Collection;
041 import java.util.List;
042
043 import javax.portlet.PortletMode;
044
045
049 public class PortletPermissionImpl implements PortletPermission {
050
051 public static final boolean DEFAULT_STRICT = false;
052
053 @Override
054 public void check(
055 PermissionChecker permissionChecker, Layout layout,
056 String portletId, String actionId)
057 throws PortalException {
058
059 if (!contains(
060 permissionChecker, 0, layout, portletId, actionId,
061 DEFAULT_STRICT)) {
062
063 throw new PrincipalException();
064 }
065 }
066
067 @Override
068 public void check(
069 PermissionChecker permissionChecker, Layout layout,
070 String portletId, String actionId, boolean strict)
071 throws PortalException {
072
073 if (!contains(
074 permissionChecker, 0, layout, portletId, actionId, strict)) {
075
076 throw new PrincipalException();
077 }
078 }
079
080 @Override
081 public void check(
082 PermissionChecker permissionChecker, long groupId, Layout layout,
083 String portletId, String actionId)
084 throws PortalException {
085
086 if (!contains(
087 permissionChecker, groupId, layout, portletId, actionId,
088 DEFAULT_STRICT)) {
089
090 throw new PrincipalException();
091 }
092 }
093
094 @Override
095 public void check(
096 PermissionChecker permissionChecker, long groupId, Layout layout,
097 String portletId, String actionId, boolean strict)
098 throws PortalException {
099
100 if (!contains(
101 permissionChecker, groupId, layout, portletId, actionId,
102 strict)) {
103
104 throw new PrincipalException();
105 }
106 }
107
108 @Override
109 public void check(
110 PermissionChecker permissionChecker, long groupId, long plid,
111 String portletId, String actionId)
112 throws PortalException {
113
114 check(
115 permissionChecker, groupId, plid, portletId, actionId,
116 DEFAULT_STRICT);
117 }
118
119 @Override
120 public void check(
121 PermissionChecker permissionChecker, long groupId, long plid,
122 String portletId, String actionId, boolean strict)
123 throws PortalException {
124
125 if (!contains(
126 permissionChecker, groupId, plid, portletId, actionId,
127 strict)) {
128
129 throw new PrincipalException();
130 }
131 }
132
133 @Override
134 public void check(
135 PermissionChecker permissionChecker, long plid, String portletId,
136 String actionId)
137 throws PortalException {
138
139 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
140 }
141
142 @Override
143 public void check(
144 PermissionChecker permissionChecker, long plid, String portletId,
145 String actionId, boolean strict)
146 throws PortalException {
147
148 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
149 throw new PrincipalException();
150 }
151 }
152
153 @Override
154 public void check(
155 PermissionChecker permissionChecker, String portletId,
156 String actionId)
157 throws PortalException {
158
159 if (!contains(permissionChecker, portletId, actionId)) {
160 throw new PrincipalException();
161 }
162 }
163
164 @Override
165 public boolean contains(
166 PermissionChecker permissionChecker, Layout layout, Portlet portlet,
167 String actionId)
168 throws PortalException {
169
170 return contains(
171 permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
172 }
173
174 @Override
175 public boolean contains(
176 PermissionChecker permissionChecker, Layout layout, Portlet portlet,
177 String actionId, boolean strict)
178 throws PortalException {
179
180 return contains(
181 permissionChecker, 0, layout, portlet, actionId, strict);
182 }
183
184 @Override
185 public boolean contains(
186 PermissionChecker permissionChecker, Layout layout,
187 String portletId, String actionId)
188 throws PortalException {
189
190 return contains(
191 permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
192 }
193
194 @Override
195 public boolean contains(
196 PermissionChecker permissionChecker, Layout layout,
197 String portletId, String actionId, boolean strict)
198 throws PortalException {
199
200 return contains(
201 permissionChecker, 0, layout, portletId, actionId, strict);
202 }
203
204 @Override
205 public boolean contains(
206 PermissionChecker permissionChecker, long groupId, Layout layout,
207 Portlet portlet, String actionId)
208 throws PortalException {
209
210 return contains(
211 permissionChecker, groupId, layout, portlet, actionId,
212 DEFAULT_STRICT);
213 }
214
215 @Override
216 public boolean contains(
217 PermissionChecker permissionChecker, long groupId, Layout layout,
218 Portlet portlet, String actionId, boolean strict)
219 throws PortalException {
220
221 if (portlet.isUndeployedPortlet()) {
222 return false;
223 }
224
225 return contains(
226 permissionChecker, groupId, layout, portlet.getPortletId(),
227 actionId, strict);
228 }
229
230 @Override
231 public boolean contains(
232 PermissionChecker permissionChecker, long groupId, Layout layout,
233 String portletId, String actionId)
234 throws PortalException {
235
236 return contains(
237 permissionChecker, groupId, layout, portletId, actionId,
238 DEFAULT_STRICT);
239 }
240
241 @Override
242 public boolean contains(
243 PermissionChecker permissionChecker, long groupId, Layout layout,
244 String portletId, String actionId, boolean strict)
245 throws PortalException {
246
247 String name = null;
248 String primKey = null;
249
250 if (layout == null) {
251 name = portletId;
252 primKey = portletId;
253
254 return permissionChecker.hasPermission(
255 groupId, name, primKey, actionId);
256 }
257
258 if (!actionId.equals(ActionKeys.VIEW) &&
259 (layout instanceof VirtualLayout)) {
260
261 return hasCustomizePermission(
262 permissionChecker, layout, portletId, actionId);
263 }
264
265 Group group = layout.getGroup();
266
267 if (!group.isLayoutSetPrototype() &&
268 actionId.equals(ActionKeys.CONFIGURATION) &&
269 !SitesUtil.isLayoutUpdateable(layout)) {
270
271 return false;
272 }
273
274 groupId = layout.getGroupId();
275
276 name = PortletConstants.getRootPortletId(portletId);
277
278 Boolean hasPermission = StagingPermissionUtil.hasPermission(
279 permissionChecker, groupId, name, groupId, name, actionId);
280
281 if (hasPermission != null) {
282 return hasPermission.booleanValue();
283 }
284
285 if (group.isControlPanel() && actionId.equals(ActionKeys.VIEW)) {
286 return true;
287 }
288
289 primKey = getPrimaryKey(layout.getPlid(), portletId);
290
291 if (strict) {
292 return permissionChecker.hasPermission(
293 groupId, name, primKey, actionId);
294 }
295
296 if (hasConfigurePermission(
297 permissionChecker, layout, portletId, actionId) ||
298 hasCustomizePermission(
299 permissionChecker, layout, portletId, actionId)) {
300
301 return true;
302 }
303
304 return permissionChecker.hasPermission(
305 groupId, name, primKey, actionId);
306 }
307
308 public boolean contains(
309 PermissionChecker permissionChecker, long groupId, long plid,
310 Portlet portlet, String actionId)
311 throws PortalException {
312
313 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
314
315 return contains(
316 permissionChecker, groupId, layout, portlet, actionId,
317 DEFAULT_STRICT);
318 }
319
320 @Override
321 public boolean contains(
322 PermissionChecker permissionChecker, long groupId, long plid,
323 Portlet portlet, String actionId, boolean strict)
324 throws PortalException {
325
326 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
327
328 return contains(
329 permissionChecker, groupId, layout, portlet, actionId, strict);
330 }
331
332 public boolean contains(
333 PermissionChecker permissionChecker, long groupId, long plid,
334 String portletId, String actionId)
335 throws PortalException {
336
337 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
338
339 return contains(
340 permissionChecker, groupId, layout, portletId, actionId,
341 DEFAULT_STRICT);
342 }
343
344 @Override
345 public boolean contains(
346 PermissionChecker permissionChecker, long groupId, long plid,
347 String portletId, String actionId, boolean strict)
348 throws PortalException {
349
350 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
351
352 return contains(
353 permissionChecker, groupId, layout, portletId, actionId, strict);
354 }
355
356 @Override
357 public boolean contains(
358 PermissionChecker permissionChecker, long plid, Portlet portlet,
359 String actionId)
360 throws PortalException {
361
362 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
363
364 return contains(
365 permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
366 }
367
368 @Override
369 public boolean contains(
370 PermissionChecker permissionChecker, long plid, Portlet portlet,
371 String actionId, boolean strict)
372 throws PortalException {
373
374 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
375
376 return contains(
377 permissionChecker, 0, layout, portlet, actionId, strict);
378 }
379
380 @Override
381 public boolean contains(
382 PermissionChecker permissionChecker, long plid, String portletId,
383 String actionId)
384 throws PortalException {
385
386 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
387
388 return contains(
389 permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
390 }
391
392 @Override
393 public boolean contains(
394 PermissionChecker permissionChecker, long plid, String portletId,
395 String actionId, boolean strict)
396 throws PortalException {
397
398 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
399
400 return contains(
401 permissionChecker, 0, layout, portletId, actionId, strict);
402 }
403
404 @Override
405 public boolean contains(
406 PermissionChecker permissionChecker, String portletId,
407 String actionId)
408 throws PortalException {
409
410 return contains(permissionChecker, 0, portletId, actionId);
411 }
412
413 @Override
414 public String getPrimaryKey(long plid, String portletId) {
415 return String.valueOf(plid).concat(
416 PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
417 }
418
419 @Override
420 public boolean hasAccessPermission(
421 PermissionChecker permissionChecker, long scopeGroupId,
422 Layout layout, Portlet portlet, PortletMode portletMode)
423 throws PortalException {
424
425 if ((layout != null) && layout.isTypeControlPanel()) {
426 String category = portlet.getControlPanelEntryCategory();
427
428 if (StringUtil.startsWith(
429 category, PortletCategoryKeys.SITE_ADMINISTRATION)) {
430
431 layout = null;
432 }
433 }
434
435 boolean access = contains(
436 permissionChecker, scopeGroupId, layout, portlet, ActionKeys.VIEW);
437
438 if (access && !PropsValues.TCK_URL &&
439 portletMode.equals(PortletMode.EDIT)) {
440
441 access = contains(
442 permissionChecker, scopeGroupId, layout, portlet,
443 ActionKeys.PREFERENCES);
444 }
445
446 return access;
447 }
448
449 @Override
450 public boolean hasConfigurationPermission(
451 PermissionChecker permissionChecker, long groupId, Layout layout,
452 String actionId)
453 throws PortalException {
454
455 LayoutTypePortlet layoutTypePortlet =
456 (LayoutTypePortlet)layout.getLayoutType();
457
458 for (Portlet portlet : layoutTypePortlet.getAllPortlets(false)) {
459 if (contains(
460 permissionChecker, groupId, layout, portlet.getPortletId(),
461 actionId)) {
462
463 return true;
464 }
465
466 if (contains(
467 permissionChecker, groupId, null,
468 portlet.getRootPortletId(), actionId)) {
469
470 return true;
471 }
472 }
473
474 return false;
475 }
476
477 @Override
478 public boolean hasControlPanelAccessPermission(
479 PermissionChecker permissionChecker, long groupId,
480 Collection<Portlet> portlets)
481 throws PortalException {
482
483 for (Portlet portlet : portlets) {
484 if (hasControlPanelAccessPermission(
485 permissionChecker, groupId, portlet)) {
486
487 return true;
488 }
489 }
490
491 return false;
492 }
493
494 @Override
495 public boolean hasControlPanelAccessPermission(
496 PermissionChecker permissionChecker, long scopeGroupId,
497 Portlet portlet)
498 throws PortalException {
499
500 Group group = GroupLocalServiceUtil.getGroup(scopeGroupId);
501
502 ControlPanelEntry controlPanelEntry =
503 portlet.getControlPanelEntryInstance();
504
505 try {
506 return controlPanelEntry.hasAccessPermission(
507 permissionChecker, group, portlet);
508 }
509 catch (Exception e) {
510 if (_log.isWarnEnabled()) {
511 _log.warn("Cannot process control panel access permission", e);
512 }
513
514 return false;
515 }
516 }
517
518 @Override
519 public boolean hasControlPanelAccessPermission(
520 PermissionChecker permissionChecker, long scopeGroupId,
521 String portletId)
522 throws PortalException {
523
524 Portlet portlet = PortletLocalServiceUtil.getPortletById(portletId);
525
526 return hasControlPanelAccessPermission(
527 permissionChecker, scopeGroupId, portlet);
528 }
529
530 @Override
531 public boolean hasLayoutManagerPermission(
532 String portletId, String actionId) {
533
534 try {
535 portletId = PortletConstants.getRootPortletId(portletId);
536
537 List<String> layoutManagerActions =
538 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
539 portletId);
540
541 return layoutManagerActions.contains(actionId);
542 }
543 catch (Exception e) {
544 _log.error(e, e);
545
546 return false;
547 }
548 }
549
550 protected boolean hasConfigurePermission(
551 PermissionChecker permissionChecker, Layout layout,
552 String portletId, String actionId)
553 throws PortalException {
554
555 if (!actionId.equals(ActionKeys.CONFIGURATION) &&
556 !actionId.equals(ActionKeys.PREFERENCES) &&
557 !actionId.equals(ActionKeys.GUEST_PREFERENCES)) {
558
559 return false;
560 }
561
562 Portlet portlet = PortletLocalServiceUtil.getPortletById(
563 layout.getCompanyId(), portletId);
564
565 if (portlet.isPreferencesUniquePerLayout()) {
566 return LayoutPermissionUtil.contains(
567 permissionChecker, layout, ActionKeys.CONFIGURE_PORTLETS);
568 }
569
570 return GroupPermissionUtil.contains(
571 permissionChecker, layout.getGroupId(),
572 ActionKeys.CONFIGURE_PORTLETS);
573 }
574
575 protected boolean hasCustomizePermission(
576 PermissionChecker permissionChecker, Layout layout,
577 String portletId, String actionId)
578 throws PortalException {
579
580 LayoutTypePortlet layoutTypePortlet =
581 (LayoutTypePortlet)layout.getLayoutType();
582
583 if (layoutTypePortlet.isCustomizedView() &&
584 layoutTypePortlet.isPortletCustomizable(portletId) &&
585 LayoutPermissionUtil.contains(
586 permissionChecker, layout, ActionKeys.CUSTOMIZE)) {
587
588 if (actionId.equals(ActionKeys.VIEW)) {
589 return true;
590 }
591 else if (actionId.equals(ActionKeys.CONFIGURATION)) {
592 Portlet portlet = PortletLocalServiceUtil.getPortletById(
593 layout.getCompanyId(), portletId);
594
595 if (portlet.isInstanceable() ||
596 portlet.isPreferencesUniquePerLayout()) {
597
598 return true;
599 }
600 }
601 }
602
603 return false;
604 }
605
606 private static final Log _log = LogFactoryUtil.getLog(
607 PortletPermissionImpl.class);
608
609 }