1
14
15 package com.liferay.portlet.portletconfiguration.action;
16
17 import com.liferay.portal.kernel.servlet.SessionErrors;
18 import com.liferay.portal.kernel.servlet.SessionMessages;
19 import com.liferay.portal.kernel.util.Constants;
20 import com.liferay.portal.kernel.util.ParamUtil;
21 import com.liferay.portal.kernel.util.StringUtil;
22 import com.liferay.portal.kernel.util.Validator;
23 import com.liferay.portal.model.Layout;
24 import com.liferay.portal.model.Organization;
25 import com.liferay.portal.model.Portlet;
26 import com.liferay.portal.model.PortletConstants;
27 import com.liferay.portal.model.Resource;
28 import com.liferay.portal.model.UserGroup;
29 import com.liferay.portal.security.auth.PrincipalException;
30 import com.liferay.portal.service.PermissionServiceUtil;
31 import com.liferay.portal.service.PortletLocalServiceUtil;
32 import com.liferay.portal.service.ResourceLocalServiceUtil;
33 import com.liferay.portal.service.ResourcePermissionServiceUtil;
34 import com.liferay.portal.servlet.filters.cache.CacheUtil;
35 import com.liferay.portal.theme.ThemeDisplay;
36 import com.liferay.portal.util.PropsValues;
37 import com.liferay.portal.util.WebKeys;
38
39 import java.util.ArrayList;
40 import java.util.Enumeration;
41 import java.util.List;
42
43 import javax.portlet.ActionRequest;
44 import javax.portlet.ActionResponse;
45 import javax.portlet.PortletConfig;
46 import javax.portlet.RenderRequest;
47 import javax.portlet.RenderResponse;
48
49 import org.apache.struts.action.ActionForm;
50 import org.apache.struts.action.ActionForward;
51 import org.apache.struts.action.ActionMapping;
52
53
58 public class EditPermissionsAction extends EditConfigurationAction {
59
60 public void processAction(
61 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
62 ActionRequest actionRequest, ActionResponse actionResponse)
63 throws Exception {
64
65 String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
66
67 try {
68 if (cmd.equals("group_permissions")) {
69 updateGroupPermissions(actionRequest);
70 }
71 else if (cmd.equals("guest_permissions")) {
72 updateGuestPermissions(actionRequest);
73 }
74 else if (cmd.equals("organization_permissions")) {
75 updateOrganizationPermissions(actionRequest);
76 }
77 else if (cmd.equals("role_permissions")) {
78 updateRolePermissions(actionRequest);
79 }
80 else if (cmd.equals("user_group_permissions")) {
81 updateUserGroupPermissions(actionRequest);
82 }
83 else if (cmd.equals("user_permissions")) {
84 updateUserPermissions(actionRequest);
85 }
86
87 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 5) {
88 String redirect = ParamUtil.getString(
89 actionRequest, "permissionsRedirect");
90
91 sendRedirect(actionRequest, actionResponse, redirect);
92 }
93 else {
94 SessionMessages.add(actionRequest, "request_processed");
95 }
96 }
97 catch (Exception e) {
98 if (e instanceof PrincipalException) {
99 SessionErrors.add(actionRequest, e.getClass().getName());
100
101 setForward(
102 actionRequest, "portlet.portlet_configuration.error");
103 }
104 else {
105 throw e;
106 }
107 }
108 }
109
110 public ActionForward render(
111 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
112 RenderRequest renderRequest, RenderResponse renderResponse)
113 throws Exception {
114
115 ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
116 WebKeys.THEME_DISPLAY);
117
118 long groupId = themeDisplay.getScopeGroupId();
119
120 String portletResource = ParamUtil.getString(
121 renderRequest, "portletResource");
122 String modelResource = ParamUtil.getString(
123 renderRequest, "modelResource");
124 String resourcePrimKey = ParamUtil.getString(
125 renderRequest, "resourcePrimKey");
126
127 String selResource = portletResource;
128
129 if (Validator.isNotNull(modelResource)) {
130 selResource = modelResource;
131 }
132
133 try {
134 PermissionServiceUtil.checkPermission(
135 groupId, selResource, resourcePrimKey);
136 }
137 catch (PrincipalException pe) {
138 SessionErrors.add(
139 renderRequest, PrincipalException.class.getName());
140
141 setForward(renderRequest, "portlet.portlet_configuration.error");
142 }
143
144 Portlet portlet = PortletLocalServiceUtil.getPortletById(
145 themeDisplay.getCompanyId(), portletResource);
146
147 if (portlet != null) {
148 renderResponse.setTitle(getTitle(portlet, renderRequest));
149 }
150
151 return mapping.findForward(getForward(
152 renderRequest, "portlet.portlet_configuration.edit_permissions"));
153 }
154
155 protected String[] getActionIds(ActionRequest actionRequest, long roleId) {
156 List<String> actionIds = new ArrayList<String>();
157
158 Enumeration<String> enu = actionRequest.getParameterNames();
159
160 while (enu.hasMoreElements()) {
161 String name = enu.nextElement();
162
163 if (name.startsWith(roleId + "_ACTION_")) {
164 int pos = name.indexOf("_ACTION_");
165
166 String actionId = name.substring(pos + 8);
167
168 actionIds.add(actionId);
169 }
170 }
171
172 return actionIds.toArray(new String[actionIds.size()]);
173 }
174
175 protected void updateGroupPermissions(ActionRequest actionRequest)
176 throws Exception {
177
178 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
179
180 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
181 long groupId = ParamUtil.getLong(actionRequest, "groupId");
182 String[] actionIds = StringUtil.split(
183 ParamUtil.getString(actionRequest, "groupIdActionIds"));
184
185 PermissionServiceUtil.setGroupPermissions(
186 groupId, actionIds, resourceId);
187
188 if (!layout.isPrivateLayout()) {
189 Resource resource =
190 ResourceLocalServiceUtil.getResource(resourceId);
191
192 if (resource.getPrimKey().startsWith(
193 layout.getPlid() + PortletConstants.LAYOUT_SEPARATOR)) {
194
195 CacheUtil.clearCache(layout.getCompanyId());
196 }
197 }
198 }
199
200 protected void updateGuestPermissions(ActionRequest actionRequest)
201 throws Exception {
202
203 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
204 WebKeys.THEME_DISPLAY);
205
206 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
207 String[] actionIds = StringUtil.split(
208 ParamUtil.getString(actionRequest, "guestActionIds"));
209
210 PermissionServiceUtil.setUserPermissions(
211 themeDisplay.getDefaultUserId(), themeDisplay.getScopeGroupId(),
212 actionIds, resourceId);
213 }
214
215 protected void updateOrganizationPermissions(ActionRequest actionRequest)
216 throws Exception {
217
218 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
219
220 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
221 long organizationId = ParamUtil.getLong(
222 actionRequest, "organizationIdsPosValue");
223 String[] actionIds = StringUtil.split(
224 ParamUtil.getString(actionRequest, "organizationIdActionIds"));
225
228 PermissionServiceUtil.setGroupPermissions(
230 Organization.class.getName(), String.valueOf(organizationId),
231 layout.getGroupId(), actionIds, resourceId);
232
237 }
238
239 protected void updateRolePermissions(ActionRequest actionRequest)
240 throws Exception {
241
242 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
243 updateRolePermissions_5(actionRequest);
244 }
245 else if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
246 updateRolePermissions_6(actionRequest);
247 }
248 else {
249 updateRolePermissions_1to4(actionRequest);
250 }
251 }
252
253 protected void updateRolePermissions_1to4(ActionRequest actionRequest)
254 throws Exception {
255
256 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
257 WebKeys.THEME_DISPLAY);
258
259 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
260 long roleId = ParamUtil.getLong(actionRequest, "roleIdsPosValue");
261 String[] actionIds = StringUtil.split(
262 ParamUtil.getString(actionRequest, "roleIdActionIds"));
263
264 PermissionServiceUtil.setRolePermissions(
265 roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
266 }
267
268 protected void updateRolePermissions_5(ActionRequest actionRequest)
269 throws Exception {
270
271 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
272 WebKeys.THEME_DISPLAY);
273
274 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
275 long[] roleIds = StringUtil.split(
276 ParamUtil.getString(
277 actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
278
279 for (long roleId : roleIds) {
280 String[] actionIds = getActionIds(actionRequest, roleId);
281
282 PermissionServiceUtil.setRolePermissions(
283 roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
284 }
285 }
286
287 protected void updateRolePermissions_6(ActionRequest actionRequest)
288 throws Exception {
289
290 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
291 WebKeys.THEME_DISPLAY);
292
293 String portletResource = ParamUtil.getString(
294 actionRequest, "portletResource");
295 String modelResource = ParamUtil.getString(
296 actionRequest, "modelResource");
297 long[] roleIds = StringUtil.split(
298 ParamUtil.getString(
299 actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
300
301 String selResource = portletResource;
302
303 if (Validator.isNotNull(modelResource)) {
304 selResource = modelResource;
305 }
306
307 String resourcePrimKey = ParamUtil.getString(
308 actionRequest, "resourcePrimKey");
309
310 for (long roleId : roleIds) {
311 String[] actionIds = getActionIds(actionRequest, roleId);
312
313 ResourcePermissionServiceUtil.setIndividualResourcePermissions(
314 themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(),
315 selResource, resourcePrimKey, roleId, actionIds);
316 }
317 }
318
319 protected void updateUserGroupPermissions(ActionRequest actionRequest)
320 throws Exception {
321
322 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
323
324 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
325 long userGroupId = ParamUtil.getLong(
326 actionRequest, "userGroupIdsPosValue");
327 String[] actionIds = StringUtil.split(
328 ParamUtil.getString(actionRequest, "userGroupIdActionIds"));
329
330 PermissionServiceUtil.setGroupPermissions(
331 UserGroup.class.getName(), String.valueOf(userGroupId),
332 layout.getGroupId(), actionIds, resourceId);
333 }
334
335 protected void updateUserPermissions(ActionRequest actionRequest)
336 throws Exception {
337
338 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
339 WebKeys.THEME_DISPLAY);
340
341 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
342 long userId = ParamUtil.getLong(actionRequest, "userIdsPosValue");
343 String[] actionIds = StringUtil.split(
344 ParamUtil.getString(actionRequest, "userIdActionIds"));
345
346 PermissionServiceUtil.setUserPermissions(
347 userId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
348 }
349
350 }