1
14
15 package com.liferay.portal.service.impl;
16
17 import com.liferay.portal.PortalException;
18 import com.liferay.portal.SystemException;
19 import com.liferay.portal.kernel.util.GetterUtil;
20 import com.liferay.portal.model.Group;
21 import com.liferay.portal.model.Layout;
22 import com.liferay.portal.model.PortletConstants;
23 import com.liferay.portal.model.Resource;
24 import com.liferay.portal.model.Role;
25 import com.liferay.portal.model.User;
26 import com.liferay.portal.security.auth.PrincipalException;
27 import com.liferay.portal.security.permission.ActionKeys;
28 import com.liferay.portal.security.permission.PermissionChecker;
29 import com.liferay.portal.security.permission.PermissionCheckerBag;
30 import com.liferay.portal.service.base.PermissionServiceBaseImpl;
31 import com.liferay.portal.service.permission.GroupPermissionUtil;
32 import com.liferay.portal.service.permission.PortletPermissionUtil;
33 import com.liferay.portal.service.permission.UserPermissionUtil;
34
35 import java.util.List;
36
37
42 public class PermissionServiceImpl extends PermissionServiceBaseImpl {
43
44 public void checkPermission(long groupId, long resourceId)
45 throws PortalException, SystemException {
46
47 checkPermission(getPermissionChecker(), groupId, resourceId);
48 }
49
50 public void checkPermission(long groupId, String name, long primKey)
51 throws PortalException, SystemException {
52
53 checkPermission(getPermissionChecker(), groupId, name, primKey);
54 }
55
56 public void checkPermission(long groupId, String name, String primKey)
57 throws PortalException, SystemException {
58
59 checkPermission(getPermissionChecker(), groupId, name, primKey);
60 }
61
62 public boolean hasGroupPermission(
63 long groupId, String actionId, long resourceId)
64 throws SystemException {
65
66 return permissionLocalService.hasGroupPermission(
67 groupId, actionId, resourceId);
68 }
69
70 public boolean hasUserPermission(
71 long userId, String actionId, long resourceId)
72 throws SystemException {
73
74 return permissionLocalService.hasUserPermission(
75 userId, actionId, resourceId);
76 }
77
78 public boolean hasUserPermissions(
79 long userId, long groupId, List<Resource> resources,
80 String actionId, PermissionCheckerBag permissionCheckerBag)
81 throws PortalException, SystemException {
82
83 return permissionLocalService.hasUserPermissions(
84 userId, groupId, resources, actionId, permissionCheckerBag);
85 }
86
87 public void setGroupPermissions(
88 long groupId, String[] actionIds, long resourceId)
89 throws PortalException, SystemException {
90
91 checkPermission(getPermissionChecker(), groupId, resourceId);
92
93 permissionLocalService.setGroupPermissions(
94 groupId, actionIds, resourceId);
95 }
96
97 public void setGroupPermissions(
98 String className, String classPK, long groupId,
99 String[] actionIds, long resourceId)
100 throws PortalException, SystemException {
101
102 checkPermission(getPermissionChecker(), groupId, resourceId);
103
104 permissionLocalService.setGroupPermissions(
105 className, classPK, groupId, actionIds, resourceId);
106 }
107
108 public void setOrgGroupPermissions(
109 long organizationId, long groupId, String[] actionIds,
110 long resourceId)
111 throws PortalException, SystemException {
112
113 checkPermission(getPermissionChecker(), groupId, resourceId);
114
115 permissionLocalService.setOrgGroupPermissions(
116 organizationId, groupId, actionIds, resourceId);
117 }
118
119 public void setRolePermission(
120 long roleId, long groupId, String name, int scope, String primKey,
121 String actionId)
122 throws PortalException, SystemException {
123
124 checkPermission(
125 getPermissionChecker(), groupId, Role.class.getName(), roleId);
126
127 permissionLocalService.setRolePermission(
128 roleId, getUser().getCompanyId(), name, scope, primKey, actionId);
129 }
130
131 public void setRolePermissions(
132 long roleId, long groupId, String[] actionIds, long resourceId)
133 throws PortalException, SystemException {
134
135 checkPermission(getPermissionChecker(), groupId, resourceId);
136
137 permissionLocalService.setRolePermissions(
138 roleId, actionIds, resourceId);
139 }
140
141 public void setUserPermissions(
142 long userId, long groupId, String[] actionIds, long resourceId)
143 throws PortalException, SystemException {
144
145 checkPermission(getPermissionChecker(), groupId, resourceId);
146
147 permissionLocalService.setUserPermissions(
148 userId, actionIds, resourceId);
149 }
150
151 public void unsetRolePermission(
152 long roleId, long groupId, long permissionId)
153 throws SystemException, PortalException {
154
155 checkPermission(
156 getPermissionChecker(), groupId, Role.class.getName(), roleId);
157
158 permissionLocalService.unsetRolePermission(roleId, permissionId);
159 }
160
161 public void unsetRolePermission(
162 long roleId, long groupId, String name, int scope, String primKey,
163 String actionId)
164 throws PortalException, SystemException {
165
166 checkPermission(
167 getPermissionChecker(), groupId, Role.class.getName(), roleId);
168
169 permissionLocalService.unsetRolePermission(
170 roleId, getUser().getCompanyId(), name, scope, primKey, actionId);
171 }
172
173 public void unsetRolePermissions(
174 long roleId, long groupId, String name, int scope, String actionId)
175 throws PortalException, SystemException {
176
177 checkPermission(
178 getPermissionChecker(), groupId, Role.class.getName(), roleId);
179
180 permissionLocalService.unsetRolePermissions(
181 roleId, getUser().getCompanyId(), name, scope, actionId);
182 }
183
184 public void unsetUserPermissions(
185 long userId, long groupId, String[] actionIds, long resourceId)
186 throws PortalException, SystemException {
187
188 checkPermission(getPermissionChecker(), groupId, resourceId);
189
190 permissionLocalService.unsetUserPermissions(
191 userId, actionIds, resourceId);
192 }
193
194 protected void checkPermission(
195 PermissionChecker permissionChecker, long groupId,
196 long resourceId)
197 throws PortalException, SystemException {
198
199 Resource resource = resourcePersistence.findByPrimaryKey(resourceId);
200
201 checkPermission(
202 permissionChecker, groupId, resource.getName(),
203 resource.getPrimKey().toString());
204 }
205
206 protected void checkPermission(
207 PermissionChecker permissionChecker, long groupId, String name,
208 long primKey)
209 throws PortalException, SystemException {
210
211 checkPermission(
212 permissionChecker, groupId, name, String.valueOf(primKey));
213 }
214
215 protected void checkPermission(
216 PermissionChecker permissionChecker, long groupId, String name,
217 String primKey)
218 throws PortalException, SystemException {
219
220 if (name.equals(Group.class.getName())) {
221 GroupPermissionUtil.check(
222 permissionChecker, GetterUtil.getLong(primKey),
223 ActionKeys.PERMISSIONS);
224 }
225 else if (name.equals(Layout.class.getName())) {
226 long plid = GetterUtil.getLong(primKey);
227
228 Layout layout = layoutPersistence.findByPrimaryKey(plid);
229
230 GroupPermissionUtil.check(
231 permissionChecker, layout.getGroupId(),
232 ActionKeys.MANAGE_LAYOUTS);
233 }
234 else if (name.equals(User.class.getName())) {
235 long userId = GetterUtil.getLong(primKey);
236
237 User user = userPersistence.findByPrimaryKey(userId);
238
239 UserPermissionUtil.check(
240 permissionChecker, userId, user.getOrganizationIds(),
241 ActionKeys.PERMISSIONS);
242 }
243 else if ((primKey != null) &&
244 (primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR) != -1)) {
245
246 int pos = primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR);
247
248 long plid = GetterUtil.getLong(primKey.substring(0, pos));
249
250 String portletId = primKey.substring(
251 pos + PortletConstants.LAYOUT_SEPARATOR.length(),
252 primKey.length());
253
254 if (!PortletPermissionUtil.contains(
255 permissionChecker, plid, portletId,
256 ActionKeys.CONFIGURATION)) {
257
258 throw new PrincipalException();
259 }
260 }
261 else if (!permissionChecker.hasPermission(
262 groupId, name, primKey, ActionKeys.PERMISSIONS) &&
263 !permissionChecker.hasPermission(
264 groupId, name, primKey, ActionKeys.DEFINE_PERMISSIONS)) {
265
266 throw new PrincipalException();
267 }
268 }
269
270 }