001
014
015 package com.liferay.portal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.log.Log;
020 import com.liferay.portal.kernel.log.LogFactoryUtil;
021 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
022 import com.liferay.portal.kernel.util.Validator;
023 import com.liferay.portal.model.Group;
024 import com.liferay.portal.model.Layout;
025 import com.liferay.portal.model.LayoutTypePortlet;
026 import com.liferay.portal.model.Portlet;
027 import com.liferay.portal.model.PortletConstants;
028 import com.liferay.portal.model.impl.VirtualLayout;
029 import com.liferay.portal.security.auth.PrincipalException;
030 import com.liferay.portal.security.permission.ActionKeys;
031 import com.liferay.portal.security.permission.PermissionChecker;
032 import com.liferay.portal.security.permission.ResourceActionsUtil;
033 import com.liferay.portal.service.LayoutLocalServiceUtil;
034 import com.liferay.portal.service.PortletLocalServiceUtil;
035 import com.liferay.portal.util.PortletCategoryKeys;
036 import com.liferay.portal.util.PropsValues;
037 import com.liferay.portlet.sites.util.SitesUtil;
038
039 import java.util.Collection;
040 import java.util.List;
041
042 import javax.portlet.PortletMode;
043
044
048 public class PortletPermissionImpl implements PortletPermission {
049
050 public static final boolean DEFAULT_STRICT = false;
051
052 public void check(
053 PermissionChecker permissionChecker, Layout layout,
054 String portletId, String actionId)
055 throws PortalException, SystemException {
056
057 if (!contains(
058 permissionChecker, 0, layout, portletId, actionId,
059 DEFAULT_STRICT)) {
060
061 throw new PrincipalException();
062 }
063 }
064
065 public void check(
066 PermissionChecker permissionChecker, Layout layout,
067 String portletId, String actionId, boolean strict)
068 throws PortalException, SystemException {
069
070 if (!contains(
071 permissionChecker, 0, layout, portletId, actionId, strict)) {
072
073 throw new PrincipalException();
074 }
075 }
076
077 public void check(
078 PermissionChecker permissionChecker, long groupId, Layout layout,
079 String portletId, String actionId)
080 throws PortalException, SystemException {
081
082 if (!contains(
083 permissionChecker, groupId, layout, portletId, actionId,
084 DEFAULT_STRICT)) {
085
086 throw new PrincipalException();
087 }
088 }
089
090 public void check(
091 PermissionChecker permissionChecker, long groupId, Layout layout,
092 String portletId, String actionId, boolean strict)
093 throws PortalException, SystemException {
094
095 if (!contains(
096 permissionChecker, groupId, layout, portletId, actionId,
097 strict)) {
098
099 throw new PrincipalException();
100 }
101 }
102
103 public void check(
104 PermissionChecker permissionChecker, long groupId, long plid,
105 String portletId, String actionId)
106 throws PortalException, SystemException {
107
108 check(
109 permissionChecker, groupId, plid, portletId, actionId,
110 DEFAULT_STRICT);
111 }
112
113 public void check(
114 PermissionChecker permissionChecker, long groupId, long plid,
115 String portletId, String actionId, boolean strict)
116 throws PortalException, SystemException {
117
118 if (!contains(
119 permissionChecker, groupId, plid, portletId, actionId,
120 strict)) {
121
122 throw new PrincipalException();
123 }
124 }
125
126 public void check(
127 PermissionChecker permissionChecker, long plid, String portletId,
128 String actionId)
129 throws PortalException, SystemException {
130
131 check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
132 }
133
134 public void check(
135 PermissionChecker permissionChecker, long plid, String portletId,
136 String actionId, boolean strict)
137 throws PortalException, SystemException {
138
139 if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
140 throw new PrincipalException();
141 }
142 }
143
144 public void check(
145 PermissionChecker permissionChecker, String portletId,
146 String actionId)
147 throws PortalException, SystemException {
148
149 if (!contains(permissionChecker, portletId, actionId)) {
150 throw new PrincipalException();
151 }
152 }
153
154 public boolean contains(
155 PermissionChecker permissionChecker, Layout layout, Portlet portlet,
156 String actionId)
157 throws PortalException, SystemException {
158
159 return contains(
160 permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
161 }
162
163 public boolean contains(
164 PermissionChecker permissionChecker, Layout layout, Portlet portlet,
165 String actionId, boolean strict)
166 throws PortalException, SystemException {
167
168 return contains(
169 permissionChecker, 0, layout, portlet, actionId, strict);
170 }
171
172 public boolean contains(
173 PermissionChecker permissionChecker, Layout layout,
174 String portletId, String actionId)
175 throws PortalException, SystemException {
176
177 return contains(
178 permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
179 }
180
181 public boolean contains(
182 PermissionChecker permissionChecker, Layout layout,
183 String portletId, String actionId, boolean strict)
184 throws PortalException, SystemException {
185
186 return contains(
187 permissionChecker, 0, layout, portletId, actionId, strict);
188 }
189
190 public boolean contains(
191 PermissionChecker permissionChecker, long groupId, Layout layout,
192 Portlet portlet, String actionId)
193 throws PortalException, SystemException {
194
195 return contains(
196 permissionChecker, groupId, layout, portlet, actionId,
197 DEFAULT_STRICT);
198 }
199
200 public boolean contains(
201 PermissionChecker permissionChecker, long groupId, Layout layout,
202 Portlet portlet, String actionId, boolean strict)
203 throws PortalException, SystemException {
204
205 if (portlet.isUndeployedPortlet()) {
206 return false;
207 }
208
209 if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
210 return true;
211 }
212
213 return contains(
214 permissionChecker, groupId, layout, portlet.getPortletId(),
215 actionId, strict);
216 }
217
218 public boolean contains(
219 PermissionChecker permissionChecker, long groupId, Layout layout,
220 String portletId, String actionId)
221 throws PortalException, SystemException {
222
223 return contains(
224 permissionChecker, groupId, layout, portletId, actionId,
225 DEFAULT_STRICT);
226 }
227
228 public boolean contains(
229 PermissionChecker permissionChecker, long groupId, Layout layout,
230 String portletId, String actionId, boolean strict)
231 throws PortalException, SystemException {
232
233 String name = null;
234 String primKey = null;
235
236 if (layout == null) {
237 name = portletId;
238 primKey = portletId;
239
240 return permissionChecker.hasPermission(
241 groupId, name, primKey, actionId);
242 }
243
244 Group group = layout.getGroup();
245
246 groupId = group.getGroupId();
247
248 name = PortletConstants.getRootPortletId(portletId);
249 primKey = getPrimaryKey(layout.getPlid(), portletId);
250
251 if (!actionId.equals(ActionKeys.VIEW) &&
252 (layout instanceof VirtualLayout)) {
253
254 return hasCustomizePermission(
255 permissionChecker, layout, portletId, actionId);
256 }
257
258 if (!group.isLayoutSetPrototype() &&
259 !SitesUtil.isLayoutUpdateable(layout) &&
260 actionId.equals(ActionKeys.CONFIGURATION)) {
261
262 return false;
263 }
264
265 Boolean hasPermission = StagingPermissionUtil.hasPermission(
266 permissionChecker, groupId, name, groupId, name, actionId);
267
268 if (hasPermission != null) {
269 return hasPermission.booleanValue();
270 }
271
272 if (actionId.equals(ActionKeys.VIEW) && group.isControlPanel()) {
273 return true;
274 }
275
276 if (strict) {
277 return permissionChecker.hasPermission(
278 groupId, name, primKey, actionId);
279 }
280
281 if (hasConfigurePermission(
282 permissionChecker, layout, portletId, actionId) ||
283 hasCustomizePermission(
284 permissionChecker, layout, portletId, actionId)) {
285
286 return true;
287 }
288
289 return permissionChecker.hasPermission(
290 groupId, name, primKey, actionId);
291 }
292
293 public boolean contains(
294 PermissionChecker permissionChecker, long groupId, long plid,
295 Collection<Portlet> portlets, String actionId) {
296
297 for (Portlet portlet : portlets) {
298 if (permissionChecker.hasPermission(
299 groupId, portlet.getPortletId(), portlet.getPortletId(),
300 ActionKeys.ACCESS_IN_CONTROL_PANEL)) {
301
302 return true;
303 }
304 }
305
306 return false;
307 }
308
309 public boolean contains(
310 PermissionChecker permissionChecker, long groupId, long plid,
311 Portlet portlet, String actionId)
312 throws PortalException, SystemException {
313
314 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
315
316 return contains(
317 permissionChecker, groupId, layout, portlet, actionId,
318 DEFAULT_STRICT);
319 }
320
321 public boolean contains(
322 PermissionChecker permissionChecker, long groupId, long plid,
323 Portlet portlet, String actionId, boolean strict)
324 throws PortalException, SystemException {
325
326 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
327
328 return contains(
329 permissionChecker, groupId, layout, portlet, actionId, strict);
330 }
331
332 public boolean contains(
333 PermissionChecker permissionChecker, long groupId, long plid,
334 String portletId, String actionId)
335 throws PortalException, SystemException {
336
337 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
338
339 return contains(
340 permissionChecker, groupId, layout, portletId, actionId,
341 DEFAULT_STRICT);
342 }
343
344 public boolean contains(
345 PermissionChecker permissionChecker, long groupId, long plid,
346 String portletId, String actionId, boolean strict)
347 throws PortalException, SystemException {
348
349 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
350
351 return contains(
352 permissionChecker, groupId, layout, portletId, actionId, strict);
353 }
354
355 public boolean contains(
356 PermissionChecker permissionChecker, long plid, Portlet portlet,
357 String actionId)
358 throws PortalException, SystemException {
359
360 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
361
362 return contains(
363 permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
364 }
365
366 public boolean contains(
367 PermissionChecker permissionChecker, long plid, Portlet portlet,
368 String actionId, boolean strict)
369 throws PortalException, SystemException {
370
371 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
372
373 return contains(
374 permissionChecker, 0, layout, portlet, actionId, strict);
375 }
376
377 public boolean contains(
378 PermissionChecker permissionChecker, long plid, String portletId,
379 String actionId)
380 throws PortalException, SystemException {
381
382 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
383
384 return contains(
385 permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
386 }
387
388 public boolean contains(
389 PermissionChecker permissionChecker, long plid, String portletId,
390 String actionId, boolean strict)
391 throws PortalException, SystemException {
392
393 Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
394
395 return contains(
396 permissionChecker, 0, layout, portletId, actionId, strict);
397 }
398
399 public boolean contains(
400 PermissionChecker permissionChecker, String portletId,
401 String actionId)
402 throws PortalException, SystemException {
403
404 return contains(permissionChecker, 0, portletId, actionId);
405 }
406
407 public String getPrimaryKey(long plid, String portletId) {
408 return String.valueOf(plid).concat(
409 PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
410 }
411
412 public boolean hasAccessPermission(
413 PermissionChecker permissionChecker, long scopeGroupId,
414 Layout layout, Portlet portlet, PortletMode portletMode)
415 throws PortalException, SystemException {
416
417 if ((layout != null) && layout.isTypeControlPanel()) {
418 String category = portlet.getControlPanelEntryCategory();
419
420 if (Validator.equals(category, PortletCategoryKeys.CONTENT)) {
421 layout = null;
422 }
423 }
424
425 boolean access = contains(
426 permissionChecker, scopeGroupId, layout, portlet, ActionKeys.VIEW);
427
428 if (access && !PropsValues.TCK_URL &&
429 portletMode.equals(PortletMode.EDIT)) {
430
431 access = contains(
432 permissionChecker, scopeGroupId, layout, portlet,
433 ActionKeys.PREFERENCES);
434 }
435
436 return access;
437 }
438
439 public boolean hasLayoutManagerPermission(
440 String portletId, String actionId) {
441
442 try {
443 portletId = PortletConstants.getRootPortletId(portletId);
444
445 List<String> layoutManagerActions =
446 ResourceActionsUtil.getPortletResourceLayoutManagerActions(
447 portletId);
448
449 return layoutManagerActions.contains(actionId);
450 }
451 catch (Exception e) {
452 _log.error(e, e);
453
454 return false;
455 }
456 }
457
458 protected boolean hasConfigurePermission(
459 PermissionChecker permissionChecker, Layout layout,
460 String portletId, String actionId)
461 throws PortalException, SystemException {
462
463 if (!actionId.equals(ActionKeys.CONFIGURATION)) {
464 return false;
465 }
466
467 Portlet portlet = PortletLocalServiceUtil.getPortletById(
468 layout.getCompanyId(), portletId);
469
470 if (portlet.isPreferencesUniquePerLayout()) {
471 return LayoutPermissionUtil.contains(
472 permissionChecker, layout, ActionKeys.CONFIGURE_PORTLETS);
473 }
474
475 return GroupPermissionUtil.contains(
476 permissionChecker, layout.getGroupId(),
477 ActionKeys.CONFIGURE_PORTLETS);
478 }
479
480 protected boolean hasCustomizePermission(
481 PermissionChecker permissionChecker, Layout layout,
482 String portletId, String actionId)
483 throws PortalException, SystemException {
484
485 LayoutTypePortlet layoutTypePortlet =
486 (LayoutTypePortlet)layout.getLayoutType();
487
488 if (layoutTypePortlet.isCustomizedView() &&
489 layoutTypePortlet.isPortletCustomizable(portletId) &&
490 LayoutPermissionUtil.contains(
491 permissionChecker, layout, ActionKeys.CUSTOMIZE)) {
492
493 if (actionId.equals(ActionKeys.VIEW)) {
494 return true;
495 }
496 else if (actionId.equals(ActionKeys.CONFIGURATION)) {
497 Portlet portlet = PortletLocalServiceUtil.getPortletById(
498 layout.getCompanyId(), portletId);
499
500 if (portlet.isPreferencesUniquePerLayout()) {
501 return true;
502 }
503 }
504 }
505
506 return false;
507 }
508
509 private static Log _log = LogFactoryUtil.getLog(
510 PortletPermissionImpl.class);
511
512 }