1
14
15 package com.liferay.portal.service.permission;
16
17 import com.liferay.portal.PortalException;
18 import com.liferay.portal.SystemException;
19 import com.liferay.portal.kernel.log.Log;
20 import com.liferay.portal.kernel.log.LogFactoryUtil;
21 import com.liferay.portal.model.Group;
22 import com.liferay.portal.model.Layout;
23 import com.liferay.portal.model.Portlet;
24 import com.liferay.portal.model.PortletConstants;
25 import com.liferay.portal.security.auth.PrincipalException;
26 import com.liferay.portal.security.permission.ActionKeys;
27 import com.liferay.portal.security.permission.PermissionChecker;
28 import com.liferay.portal.security.permission.ResourceActionsUtil;
29 import com.liferay.portal.service.GroupLocalServiceUtil;
30 import com.liferay.portal.service.LayoutLocalServiceUtil;
31 import com.liferay.portal.util.PropsValues;
32
33 import java.util.List;
34
35
40 public class PortletPermissionImpl implements PortletPermission {
41
42 public static final boolean DEFAULT_STRICT = false;
43
44 public void check(
45 PermissionChecker permissionChecker, long plid, String portletId,
46 String actionId)
47 throws PortalException, SystemException {
48
49 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
50 }
51
52 public void check(
53 PermissionChecker permissionChecker, long plid, String portletId,
54 String actionId, boolean strict)
55 throws PortalException, SystemException {
56
57 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
58 throw new PrincipalException();
59 }
60 }
61
62 public void check(
63 PermissionChecker permissionChecker, String portletId,
64 String actionId)
65 throws PortalException, SystemException {
66
67 if (!contains(permissionChecker, portletId, actionId)) {
68 throw new PrincipalException();
69 }
70 }
71
72 public boolean contains(
73 PermissionChecker permissionChecker, long plid, Portlet portlet,
74 String actionId)
75 throws PortalException, SystemException {
76
77 return contains(
78 permissionChecker, plid, portlet, actionId, DEFAULT_STRICT);
79 }
80
81 public boolean contains(
82 PermissionChecker permissionChecker, long plid, Portlet portlet,
83 String actionId, boolean strict)
84 throws PortalException, SystemException {
85
86 if (portlet.isUndeployedPortlet()) {
87 return false;
88 }
89
90 boolean value = contains(
91 permissionChecker, plid, portlet.getPortletId(), actionId, strict);
92
93 if (value) {
94 return true;
95 }
96 else {
97 if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
98 return true;
99 }
100 else {
101 return false;
102 }
103 }
104 }
105
106 public boolean contains(
107 PermissionChecker permissionChecker, long plid, String portletId,
108 String actionId)
109 throws PortalException, SystemException {
110
111 return contains(
112 permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
113 }
114
115 public boolean contains(
116 PermissionChecker permissionChecker, long plid, String portletId,
117 String actionId, boolean strict)
118 throws PortalException, SystemException {
119
120 long groupId = 0;
121 String name = null;
122 String primKey = null;
123
124 if (plid > 0) {
125 Layout layout = LayoutLocalServiceUtil.getLayout(plid);
126
127 groupId = layout.getGroupId();
128 name = PortletConstants.getRootPortletId(portletId);
129 primKey = getPrimaryKey(plid, portletId);
130
131 if ((layout.isPrivateLayout() &&
132 !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
133 (layout.isPublicLayout() &&
134 !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
135
136 if (actionId.equals(ActionKeys.CONFIGURATION)) {
137 Group group = GroupLocalServiceUtil.getGroup(
138 layout.getGroupId());
139
140 if (group.isUser()) {
141 return false;
142 }
143 }
144 }
145
146 if (!strict) {
147 if (LayoutPermissionUtil.contains(
148 permissionChecker, groupId, layout.isPrivateLayout(),
149 layout.getLayoutId(), ActionKeys.UPDATE) &&
150 hasLayoutManagerPermission(portletId, actionId)) {
151
152 return true;
153 }
154 }
155 }
156 else {
157 name = portletId;
158 primKey = portletId;
159 }
160
161 return permissionChecker.hasPermission(
162 groupId, name, primKey, actionId);
163 }
164
165 public boolean contains(
166 PermissionChecker permissionChecker, String portletId,
167 String actionId)
168 throws PortalException, SystemException {
169
170 return contains(permissionChecker, 0, portletId, actionId);
171 }
172
173 public String getPrimaryKey(long plid, String portletId) {
174 return String.valueOf(plid).concat(
175 PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
176 }
177
178 public boolean hasLayoutManagerPermission(
179 String portletId, String actionId) {
180
181 try {
182 return hasLayoutManagerPermissionImpl(portletId, actionId);
183 }
184 catch (Exception e) {
185 _log.error(e, e);
186
187 return false;
188 }
189 }
190
191 protected boolean hasLayoutManagerPermissionImpl(
192 String portletId, String actionId) {
193
194 portletId = PortletConstants.getRootPortletId(portletId);
195
196 List<String> layoutManagerActions =
197 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
198 portletId);
199
200 return layoutManagerActions.contains(actionId);
201 }
202
203 private static Log _log = LogFactoryUtil.getLog(
204 PortletPermissionImpl.class);
205
206 }