001
014
015 package com.liferay.portal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020 import com.liferay.portal.kernel.util.StringUtil;
021 import com.liferay.portal.model.Group;
022 import com.liferay.portal.model.Layout;
023 import com.liferay.portal.model.LayoutTypePortlet;
024 import com.liferay.portal.model.Portlet;
025 import com.liferay.portal.model.PortletConstants;
026 import com.liferay.portal.model.impl.VirtualLayout;
027 import com.liferay.portal.security.auth.PrincipalException;
028 import com.liferay.portal.security.permission.ActionKeys;
029 import com.liferay.portal.security.permission.PermissionChecker;
030 import com.liferay.portal.security.permission.ResourceActionsUtil;
031 import com.liferay.portal.service.GroupLocalServiceUtil;
032 import com.liferay.portal.service.LayoutLocalServiceUtil;
033 import com.liferay.portal.service.PortletLocalServiceUtil;
034 import com.liferay.portal.util.PortletCategoryKeys;
035 import com.liferay.portlet.ControlPanelEntry;
036 import com.liferay.portlet.exportimport.staging.permission.StagingPermissionUtil;
037 import com.liferay.portlet.sites.util.SitesUtil;
038
039 import java.util.Collection;
040 import java.util.List;
041
042 import javax.portlet.PortletMode;
043
044
048 public class PortletPermissionImpl implements PortletPermission {
049
050 @Override
051 public void check(
052 PermissionChecker permissionChecker, Layout layout,
053 String portletId, String actionId)
054 throws PortalException {
055
056 if (!contains(
057 permissionChecker, 0, layout, portletId, actionId,
058 _STRICT_DEFAULT)) {
059
060 throw new PrincipalException();
061 }
062 }
063
064 @Override
065 public void check(
066 PermissionChecker permissionChecker, Layout layout,
067 String portletId, String actionId, boolean strict)
068 throws PortalException {
069
070 if (!contains(
071 permissionChecker, 0, layout, portletId, actionId, strict)) {
072
073 throw new PrincipalException();
074 }
075 }
076
077 @Override
078 public void check(
079 PermissionChecker permissionChecker, long groupId, Layout layout,
080 String portletId, String actionId)
081 throws PortalException {
082
083 if (!contains(
084 permissionChecker, groupId, layout, portletId, actionId,
085 _STRICT_DEFAULT)) {
086
087 throw new PrincipalException();
088 }
089 }
090
091 @Override
092 public void check(
093 PermissionChecker permissionChecker, long groupId, Layout layout,
094 String portletId, String actionId, boolean strict)
095 throws PortalException {
096
097 check(
098 permissionChecker, groupId, layout, portletId, actionId, strict,
099 _CHECK_STAGING_PERMISSION_DEFAULT);
100 }
101
102 @Override
103 public void check(
104 PermissionChecker permissionChecker, long groupId, Layout layout,
105 String portletId, String actionId, boolean strict,
106 boolean checkStagingPermission)
107 throws PortalException {
108
109 if (!contains(
110 permissionChecker, groupId, layout, portletId, actionId, strict,
111 checkStagingPermission)) {
112
113 throw new PrincipalException();
114 }
115 }
116
117 @Override
118 public void check(
119 PermissionChecker permissionChecker, long groupId, long plid,
120 String portletId, String actionId)
121 throws PortalException {
122
123 check(
124 permissionChecker, groupId, plid, portletId, actionId,
125 _STRICT_DEFAULT);
126 }
127
128 @Override
129 public void check(
130 PermissionChecker permissionChecker, long groupId, long plid,
131 String portletId, String actionId, boolean strict)
132 throws PortalException {
133
134 if (!contains(
135 permissionChecker, groupId, plid, portletId, actionId,
136 strict)) {
137
138 throw new PrincipalException();
139 }
140 }
141
142 @Override
143 public void check(
144 PermissionChecker permissionChecker, long plid, String portletId,
145 String actionId)
146 throws PortalException {
147
148 check(permissionChecker, plid, portletId, actionId, _STRICT_DEFAULT);
149 }
150
151 @Override
152 public void check(
153 PermissionChecker permissionChecker, long plid, String portletId,
154 String actionId, boolean strict)
155 throws PortalException {
156
157 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
158 throw new PrincipalException();
159 }
160 }
161
162 @Override
163 public void check(
164 PermissionChecker permissionChecker, String portletId,
165 String actionId)
166 throws PortalException {
167
168 if (!contains(permissionChecker, portletId, actionId)) {
169 throw new PrincipalException();
170 }
171 }
172
173 @Override
174 public boolean contains(
175 PermissionChecker permissionChecker, Layout layout, Portlet portlet,
176 String actionId)
177 throws PortalException {
178
179 return contains(
180 permissionChecker, layout, portlet, actionId, _STRICT_DEFAULT);
181 }
182
183 @Override
184 public boolean contains(
185 PermissionChecker permissionChecker, Layout layout, Portlet portlet,
186 String actionId, boolean strict)
187 throws PortalException {
188
189 return contains(
190 permissionChecker, 0, layout, portlet, actionId, strict);
191 }
192
193 @Override
194 public boolean contains(
195 PermissionChecker permissionChecker, Layout layout,
196 String portletId, String actionId)
197 throws PortalException {
198
199 return contains(
200 permissionChecker, layout, portletId, actionId, _STRICT_DEFAULT);
201 }
202
203 @Override
204 public boolean contains(
205 PermissionChecker permissionChecker, Layout layout,
206 String portletId, String actionId, boolean strict)
207 throws PortalException {
208
209 return contains(
210 permissionChecker, 0, layout, portletId, actionId, strict);
211 }
212
213 @Override
214 public boolean contains(
215 PermissionChecker permissionChecker, long groupId, Layout layout,
216 Portlet portlet, String actionId)
217 throws PortalException {
218
219 return contains(
220 permissionChecker, groupId, layout, portlet, actionId,
221 _STRICT_DEFAULT);
222 }
223
224 @Override
225 public boolean contains(
226 PermissionChecker permissionChecker, long groupId, Layout layout,
227 Portlet portlet, String actionId, boolean strict)
228 throws PortalException {
229
230 if (portlet.isUndeployedPortlet()) {
231 return false;
232 }
233
234 return contains(
235 permissionChecker, groupId, layout, portlet.getPortletId(),
236 actionId, strict);
237 }
238
239 @Override
240 public boolean contains(
241 PermissionChecker permissionChecker, long groupId, Layout layout,
242 String portletId, String actionId)
243 throws PortalException {
244
245 return contains(
246 permissionChecker, groupId, layout, portletId, actionId,
247 _STRICT_DEFAULT);
248 }
249
250 @Override
251 public boolean contains(
252 PermissionChecker permissionChecker, long groupId, Layout layout,
253 String portletId, String actionId, boolean strict)
254 throws PortalException {
255
256 return contains(
257 permissionChecker, groupId, layout, portletId, actionId, strict,
258 _CHECK_STAGING_PERMISSION_DEFAULT);
259 }
260
261 @Override
262 public boolean contains(
263 PermissionChecker permissionChecker, long groupId, Layout layout,
264 String portletId, String actionId, boolean strict,
265 boolean checkStagingPermission)
266 throws PortalException {
267
268 String name = null;
269 String primKey = null;
270
271 if (layout == null) {
272 name = portletId;
273 primKey = portletId;
274
275 return permissionChecker.hasPermission(
276 groupId, name, primKey, actionId);
277 }
278
279 if (!actionId.equals(ActionKeys.VIEW) &&
280 (layout instanceof VirtualLayout)) {
281
282 return hasCustomizePermission(
283 permissionChecker, layout, portletId, actionId);
284 }
285
286 Group group = layout.getGroup();
287
288 if (!group.isLayoutSetPrototype() &&
289 actionId.equals(ActionKeys.CONFIGURATION) &&
290 !SitesUtil.isLayoutUpdateable(layout)) {
291
292 return false;
293 }
294
295 groupId = layout.getGroupId();
296
297 name = PortletConstants.getRootPortletId(portletId);
298
299 if (checkStagingPermission) {
300 Boolean hasPermission = StagingPermissionUtil.hasPermission(
301 permissionChecker, groupId, name, groupId, name, actionId);
302
303 if (hasPermission != null) {
304 return hasPermission.booleanValue();
305 }
306 }
307
308 if (group.isControlPanel() && actionId.equals(ActionKeys.VIEW)) {
309 return true;
310 }
311
312 primKey = getPrimaryKey(layout.getPlid(), portletId);
313
314 if (strict) {
315 return permissionChecker.hasPermission(
316 groupId, name, primKey, actionId);
317 }
318
319 if (hasConfigurePermission(
320 permissionChecker, layout, portletId, actionId) ||
321 hasCustomizePermission(
322 permissionChecker, layout, portletId, actionId)) {
323
324 return true;
325 }
326
327 return permissionChecker.hasPermission(
328 groupId, name, primKey, actionId);
329 }
330
331 public boolean contains(
332 PermissionChecker permissionChecker, long groupId, long plid,
333 Portlet portlet, String actionId)
334 throws PortalException {
335
336 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
337
338 return contains(
339 permissionChecker, groupId, layout, portlet, actionId,
340 _STRICT_DEFAULT);
341 }
342
343 @Override
344 public boolean contains(
345 PermissionChecker permissionChecker, long groupId, long plid,
346 Portlet portlet, String actionId, boolean strict)
347 throws PortalException {
348
349 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
350
351 return contains(
352 permissionChecker, groupId, layout, portlet, actionId, strict);
353 }
354
355 public boolean contains(
356 PermissionChecker permissionChecker, long groupId, long plid,
357 String portletId, String actionId)
358 throws PortalException {
359
360 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
361
362 return contains(
363 permissionChecker, groupId, layout, portletId, actionId,
364 _STRICT_DEFAULT);
365 }
366
367 @Override
368 public boolean contains(
369 PermissionChecker permissionChecker, long groupId, long plid,
370 String portletId, String actionId, boolean strict)
371 throws PortalException {
372
373 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
374
375 return contains(
376 permissionChecker, groupId, layout, portletId, actionId, strict);
377 }
378
379 @Override
380 public boolean contains(
381 PermissionChecker permissionChecker, long plid, Portlet portlet,
382 String actionId)
383 throws PortalException {
384
385 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
386
387 return contains(
388 permissionChecker, layout, portlet, actionId, _STRICT_DEFAULT);
389 }
390
391 @Override
392 public boolean contains(
393 PermissionChecker permissionChecker, long plid, Portlet portlet,
394 String actionId, boolean strict)
395 throws PortalException {
396
397 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
398
399 return contains(
400 permissionChecker, 0, layout, portlet, actionId, strict);
401 }
402
403 @Override
404 public boolean contains(
405 PermissionChecker permissionChecker, long plid, String portletId,
406 String actionId)
407 throws PortalException {
408
409 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
410
411 return contains(
412 permissionChecker, layout, portletId, actionId, _STRICT_DEFAULT);
413 }
414
415 @Override
416 public boolean contains(
417 PermissionChecker permissionChecker, long plid, String portletId,
418 String actionId, boolean strict)
419 throws PortalException {
420
421 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
422
423 return contains(
424 permissionChecker, 0, layout, portletId, actionId, strict);
425 }
426
427 @Override
428 public boolean contains(
429 PermissionChecker permissionChecker, String portletId,
430 String actionId)
431 throws PortalException {
432
433 return contains(permissionChecker, 0, portletId, actionId);
434 }
435
436 @Override
437 public String getPrimaryKey(long plid, String portletId) {
438 return String.valueOf(plid).concat(
439 PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
440 }
441
442 @Override
443 public boolean hasAccessPermission(
444 PermissionChecker permissionChecker, long scopeGroupId,
445 Layout layout, Portlet portlet, PortletMode portletMode)
446 throws PortalException {
447
448 if ((layout != null) && layout.isTypeControlPanel()) {
449 String category = portlet.getControlPanelEntryCategory();
450
451 if (StringUtil.startsWith(
452 category, PortletCategoryKeys.SITE_ADMINISTRATION)) {
453
454 layout = null;
455 }
456 }
457
458 boolean access = contains(
459 permissionChecker, scopeGroupId, layout, portlet, ActionKeys.VIEW);
460
461 if (access && portletMode.equals(PortletMode.EDIT)) {
462 access = contains(
463 permissionChecker, scopeGroupId, layout, portlet,
464 ActionKeys.PREFERENCES);
465 }
466
467 return access;
468 }
469
470 @Override
471 public boolean hasConfigurationPermission(
472 PermissionChecker permissionChecker, long groupId, Layout layout,
473 String actionId)
474 throws PortalException {
475
476 LayoutTypePortlet layoutTypePortlet =
477 (LayoutTypePortlet)layout.getLayoutType();
478
479 for (Portlet portlet : layoutTypePortlet.getAllPortlets(false)) {
480 if (contains(
481 permissionChecker, groupId, layout, portlet.getPortletId(),
482 actionId)) {
483
484 return true;
485 }
486
487 if (contains(
488 permissionChecker, groupId, null,
489 portlet.getRootPortletId(), actionId)) {
490
491 return true;
492 }
493 }
494
495 return false;
496 }
497
498 @Override
499 public boolean hasControlPanelAccessPermission(
500 PermissionChecker permissionChecker, long groupId,
501 Collection<Portlet> portlets)
502 throws PortalException {
503
504 for (Portlet portlet : portlets) {
505 if (hasControlPanelAccessPermission(
506 permissionChecker, groupId, portlet)) {
507
508 return true;
509 }
510 }
511
512 return false;
513 }
514
515 @Override
516 public boolean hasControlPanelAccessPermission(
517 PermissionChecker permissionChecker, long scopeGroupId,
518 Portlet portlet)
519 throws PortalException {
520
521 Group group = GroupLocalServiceUtil.getGroup(scopeGroupId);
522
523 ControlPanelEntry controlPanelEntry =
524 portlet.getControlPanelEntryInstance();
525
526 try {
527 return controlPanelEntry.hasAccessPermission(
528 permissionChecker, group, portlet);
529 }
530 catch (Exception e) {
531 if (_log.isWarnEnabled()) {
532 _log.warn("Cannot process control panel access permission", e);
533 }
534
535 return false;
536 }
537 }
538
539 @Override
540 public boolean hasControlPanelAccessPermission(
541 PermissionChecker permissionChecker, long scopeGroupId,
542 String portletId)
543 throws PortalException {
544
545 Portlet portlet = PortletLocalServiceUtil.getPortletById(portletId);
546
547 return hasControlPanelAccessPermission(
548 permissionChecker, scopeGroupId, portlet);
549 }
550
551 @Override
552 public boolean hasLayoutManagerPermission(
553 String portletId, String actionId) {
554
555 try {
556 portletId = PortletConstants.getRootPortletId(portletId);
557
558 List<String> layoutManagerActions =
559 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
560 portletId);
561
562 return layoutManagerActions.contains(actionId);
563 }
564 catch (Exception e) {
565 _log.error(e, e);
566
567 return false;
568 }
569 }
570
571 protected boolean hasConfigurePermission(
572 PermissionChecker permissionChecker, Layout layout,
573 String portletId, String actionId)
574 throws PortalException {
575
576 if (!actionId.equals(ActionKeys.CONFIGURATION) &&
577 !actionId.equals(ActionKeys.PREFERENCES) &&
578 !actionId.equals(ActionKeys.GUEST_PREFERENCES)) {
579
580 return false;
581 }
582
583 Portlet portlet = PortletLocalServiceUtil.getPortletById(
584 layout.getCompanyId(), portletId);
585
586 if (portlet.isPreferencesUniquePerLayout()) {
587 return LayoutPermissionUtil.contains(
588 permissionChecker, layout, ActionKeys.CONFIGURE_PORTLETS);
589 }
590
591 return GroupPermissionUtil.contains(
592 permissionChecker, layout.getGroupId(),
593 ActionKeys.CONFIGURE_PORTLETS);
594 }
595
596 protected boolean hasCustomizePermission(
597 PermissionChecker permissionChecker, Layout layout,
598 String portletId, String actionId)
599 throws PortalException {
600
601 LayoutTypePortlet layoutTypePortlet =
602 (LayoutTypePortlet)layout.getLayoutType();
603
604 if (layoutTypePortlet.isCustomizedView() &&
605 layoutTypePortlet.isPortletCustomizable(portletId) &&
606 LayoutPermissionUtil.contains(
607 permissionChecker, layout, ActionKeys.CUSTOMIZE)) {
608
609 if (actionId.equals(ActionKeys.VIEW)) {
610 return true;
611 }
612 else if (actionId.equals(ActionKeys.CONFIGURATION)) {
613 Portlet portlet = PortletLocalServiceUtil.getPortletById(
614 layout.getCompanyId(), portletId);
615
616 if (portlet.isInstanceable() ||
617 portlet.isPreferencesUniquePerLayout()) {
618
619 return true;
620 }
621 }
622 }
623
624 return false;
625 }
626
627 private static final boolean _CHECK_STAGING_PERMISSION_DEFAULT = true;
628
629 private static final boolean _STRICT_DEFAULT = false;
630
631 private static final Log _log = LogFactoryUtil.getLog(
632 PortletPermissionImpl.class);
633
634 }