1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   *
12   * 
13   */
14  
15  package com.liferay.portal.service.permission;
16  
17  import com.liferay.portal.PortalException;
18  import com.liferay.portal.SystemException;
19  import com.liferay.portal.kernel.log.Log;
20  import com.liferay.portal.kernel.log.LogFactoryUtil;
21  import com.liferay.portal.model.Group;
22  import com.liferay.portal.model.Layout;
23  import com.liferay.portal.model.Portlet;
24  import com.liferay.portal.model.PortletConstants;
25  import com.liferay.portal.security.auth.PrincipalException;
26  import com.liferay.portal.security.permission.ActionKeys;
27  import com.liferay.portal.security.permission.PermissionChecker;
28  import com.liferay.portal.security.permission.ResourceActionsUtil;
29  import com.liferay.portal.service.GroupLocalServiceUtil;
30  import com.liferay.portal.service.LayoutLocalServiceUtil;
31  import com.liferay.portal.util.PropsValues;
32  
33  import java.util.List;
34  
35  /**
36   * <a href="PortletPermissionImpl.java.html"><b><i>View Source</i></b></a>
37   *
38   * @author Brian Wing Shun Chan
39   */
40  public class PortletPermissionImpl implements PortletPermission {
41  
42      public static final boolean DEFAULT_STRICT = false;
43  
44      public void check(
45              PermissionChecker permissionChecker, long plid, String portletId,
46              String actionId)
47          throws PortalException, SystemException {
48  
49          check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
50      }
51  
52      public void check(
53              PermissionChecker permissionChecker, long plid, String portletId,
54              String actionId, boolean strict)
55          throws PortalException, SystemException {
56  
57          if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
58              throw new PrincipalException();
59          }
60      }
61  
62      public void check(
63              PermissionChecker permissionChecker, String portletId,
64              String actionId)
65          throws PortalException, SystemException {
66  
67          if (!contains(permissionChecker, portletId, actionId)) {
68              throw new PrincipalException();
69          }
70      }
71  
72      public boolean contains(
73              PermissionChecker permissionChecker, long plid, Portlet portlet,
74              String actionId)
75          throws PortalException, SystemException {
76  
77          return contains(
78              permissionChecker, plid, portlet, actionId, DEFAULT_STRICT);
79      }
80  
81      public boolean contains(
82              PermissionChecker permissionChecker, long plid, Portlet portlet,
83              String actionId, boolean strict)
84          throws PortalException, SystemException {
85  
86          if (portlet.isUndeployedPortlet()) {
87              return false;
88          }
89  
90          boolean value = contains(
91              permissionChecker, plid, portlet.getPortletId(), actionId, strict);
92  
93          if (value) {
94              return true;
95          }
96          else {
97              if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
98                  return true;
99              }
100             else {
101                 return false;
102             }
103         }
104     }
105 
106     public boolean contains(
107             PermissionChecker permissionChecker, long plid, String portletId,
108             String actionId)
109         throws PortalException, SystemException {
110 
111         return contains(
112             permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
113     }
114 
115     public boolean contains(
116             PermissionChecker permissionChecker, long plid, String portletId,
117             String actionId, boolean strict)
118         throws PortalException, SystemException {
119 
120         long groupId = 0;
121         String name = null;
122         String primKey = null;
123 
124         if (plid > 0) {
125             Layout layout = LayoutLocalServiceUtil.getLayout(plid);
126 
127             groupId = layout.getGroupId();
128             name = PortletConstants.getRootPortletId(portletId);
129             primKey = getPrimaryKey(plid, portletId);
130 
131             if ((layout.isPrivateLayout() &&
132                  !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
133                 (layout.isPublicLayout() &&
134                  !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
135 
136                 if (actionId.equals(ActionKeys.CONFIGURATION)) {
137                     Group group = GroupLocalServiceUtil.getGroup(
138                         layout.getGroupId());
139 
140                     if (group.isUser()) {
141                         return false;
142                     }
143                 }
144             }
145 
146             if (!strict) {
147                 if (LayoutPermissionUtil.contains(
148                         permissionChecker, groupId, layout.isPrivateLayout(),
149                         layout.getLayoutId(), ActionKeys.UPDATE) &&
150                     hasLayoutManagerPermission(portletId, actionId)) {
151 
152                     return true;
153                 }
154             }
155         }
156         else {
157             name = portletId;
158             primKey = portletId;
159         }
160 
161         return permissionChecker.hasPermission(
162             groupId, name, primKey, actionId);
163     }
164 
165     public boolean contains(
166             PermissionChecker permissionChecker, String portletId,
167             String actionId)
168         throws PortalException, SystemException {
169 
170         return contains(permissionChecker, 0, portletId, actionId);
171     }
172 
173     public String getPrimaryKey(long plid, String portletId) {
174         return String.valueOf(plid).concat(
175             PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
176     }
177 
178     public boolean hasLayoutManagerPermission(
179         String portletId, String actionId) {
180 
181         try {
182             return hasLayoutManagerPermissionImpl(portletId, actionId);
183         }
184         catch (Exception e) {
185             _log.error(e, e);
186 
187             return false;
188         }
189     }
190 
191     protected boolean hasLayoutManagerPermissionImpl(
192         String portletId, String actionId) {
193 
194         portletId = PortletConstants.getRootPortletId(portletId);
195 
196         List<String> layoutManagerActions =
197             ResourceActionsUtil.getPortletResourceLayoutManagerActions(
198                 portletId);
199 
200         return layoutManagerActions.contains(actionId);
201     }
202 
203     private static Log _log = LogFactoryUtil.getLog(
204         PortletPermissionImpl.class);
205 
206 }