001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.portletconfiguration.action;
016    
017    import com.liferay.portal.kernel.servlet.SessionErrors;
018    import com.liferay.portal.kernel.util.Constants;
019    import com.liferay.portal.kernel.util.GetterUtil;
020    import com.liferay.portal.kernel.util.ParamUtil;
021    import com.liferay.portal.kernel.util.StringUtil;
022    import com.liferay.portal.kernel.util.Validator;
023    import com.liferay.portal.model.Layout;
024    import com.liferay.portal.model.Organization;
025    import com.liferay.portal.model.Portlet;
026    import com.liferay.portal.model.PortletConstants;
027    import com.liferay.portal.model.Resource;
028    import com.liferay.portal.model.UserGroup;
029    import com.liferay.portal.security.auth.PrincipalException;
030    import com.liferay.portal.security.permission.PermissionPropagator;
031    import com.liferay.portal.service.PermissionServiceUtil;
032    import com.liferay.portal.service.PortletLocalServiceUtil;
033    import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
034    import com.liferay.portal.service.ResourceBlockServiceUtil;
035    import com.liferay.portal.service.ResourceLocalServiceUtil;
036    import com.liferay.portal.service.ResourcePermissionServiceUtil;
037    import com.liferay.portal.servlet.filters.cache.CacheUtil;
038    import com.liferay.portal.theme.ThemeDisplay;
039    import com.liferay.portal.util.PropsValues;
040    import com.liferay.portal.util.WebKeys;
041    
042    import java.util.ArrayList;
043    import java.util.Enumeration;
044    import java.util.HashMap;
045    import java.util.List;
046    import java.util.Map;
047    
048    import javax.portlet.ActionRequest;
049    import javax.portlet.ActionResponse;
050    import javax.portlet.PortletConfig;
051    import javax.portlet.RenderRequest;
052    import javax.portlet.RenderResponse;
053    
054    import org.apache.struts.action.ActionForm;
055    import org.apache.struts.action.ActionForward;
056    import org.apache.struts.action.ActionMapping;
057    
058    /**
059     * @author Brian Wing Shun Chan
060     * @author Connor McKay
061     */
062    public class EditPermissionsAction extends EditConfigurationAction {
063    
064            @Override
065            public void processAction(
066                            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
067                            ActionRequest actionRequest, ActionResponse actionResponse)
068                    throws Exception {
069    
070                    String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
071    
072                    try {
073                            if (cmd.equals("group_permissions")) {
074                                    updateGroupPermissions(actionRequest);
075                            }
076                            else if (cmd.equals("guest_permissions")) {
077                                    updateGuestPermissions(actionRequest);
078                            }
079                            else if (cmd.equals("organization_permissions")) {
080                                    updateOrganizationPermissions(actionRequest);
081                            }
082                            else if (cmd.equals("role_permissions")) {
083                                    updateRolePermissions(actionRequest);
084                            }
085                            else if (cmd.equals("user_group_permissions")) {
086                                    updateUserGroupPermissions(actionRequest);
087                            }
088                            else if (cmd.equals("user_permissions")) {
089                                    updateUserPermissions(actionRequest);
090                            }
091    
092                            if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 5) {
093                                    String redirect = ParamUtil.getString(
094                                            actionRequest, "permissionsRedirect");
095    
096                                    sendRedirect(actionRequest, actionResponse, redirect);
097                            }
098                            else {
099                                    addSuccessMessage(actionRequest, actionResponse);
100                            }
101                    }
102                    catch (Exception e) {
103                            if (e instanceof PrincipalException) {
104                                    SessionErrors.add(actionRequest, e.getClass().getName());
105    
106                                    setForward(
107                                            actionRequest, "portlet.portlet_configuration.error");
108                            }
109                            else {
110                                    throw e;
111                            }
112                    }
113            }
114    
115            @Override
116            public ActionForward render(
117                            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
118                            RenderRequest renderRequest, RenderResponse renderResponse)
119                    throws Exception {
120    
121                    ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
122                            WebKeys.THEME_DISPLAY);
123    
124                    long groupId = themeDisplay.getScopeGroupId();
125    
126                    String portletResource = ParamUtil.getString(
127                            renderRequest, "portletResource");
128                    String modelResource = ParamUtil.getString(
129                            renderRequest, "modelResource");
130                    String resourcePrimKey = ParamUtil.getString(
131                            renderRequest, "resourcePrimKey");
132    
133                    String selResource = portletResource;
134    
135                    if (Validator.isNotNull(modelResource)) {
136                            selResource = modelResource;
137                    }
138    
139                    try {
140                            PermissionServiceUtil.checkPermission(
141                                    groupId, selResource, resourcePrimKey);
142                    }
143                    catch (PrincipalException pe) {
144                            SessionErrors.add(
145                                    renderRequest, PrincipalException.class.getName());
146    
147                            setForward(renderRequest, "portlet.portlet_configuration.error");
148                    }
149    
150                    Portlet portlet = PortletLocalServiceUtil.getPortletById(
151                            themeDisplay.getCompanyId(), portletResource);
152    
153                    if (portlet != null) {
154                            renderResponse.setTitle(getTitle(portlet, renderRequest));
155                    }
156    
157                    return mapping.findForward(getForward(
158                            renderRequest, "portlet.portlet_configuration.edit_permissions"));
159            }
160    
161            protected String[] getActionIds(
162                    ActionRequest actionRequest, long roleId, boolean includePreselected) {
163    
164                    List<String> actionIds = getActionIdsList(
165                            actionRequest, roleId, includePreselected);
166    
167                    return actionIds.toArray(new String[actionIds.size()]);
168            }
169    
170            protected List<String> getActionIdsList(
171                    ActionRequest actionRequest, long roleId, boolean includePreselected) {
172    
173                    List<String> actionIds = new ArrayList<String>();
174    
175                    Enumeration<String> enu = actionRequest.getParameterNames();
176    
177                    while (enu.hasMoreElements()) {
178                            String name = enu.nextElement();
179    
180                            if (name.startsWith(roleId + "_ACTION_")) {
181                                    int pos = name.indexOf("_ACTION_");
182    
183                                    String actionId = name.substring(pos + 8);
184    
185                                    actionIds.add(actionId);
186                            }
187                            else if (includePreselected &&
188                                             name.startsWith(roleId + "_PRESELECTED_")) {
189    
190                                    int pos = name.indexOf("_PRESELECTED_");
191    
192                                    String actionId = name.substring(pos + 13);
193    
194                                    actionIds.add(actionId);
195                            }
196                    }
197    
198                    return actionIds;
199            }
200    
201            protected void updateGroupPermissions(ActionRequest actionRequest)
202                    throws Exception {
203    
204                    Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
205    
206                    long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
207                    long groupId = ParamUtil.getLong(actionRequest, "groupId");
208                    String[] actionIds = StringUtil.split(
209                            ParamUtil.getString(actionRequest, "groupIdActionIds"));
210    
211                    PermissionServiceUtil.setGroupPermissions(
212                            groupId, actionIds, resourceId);
213    
214                    if (!layout.isPrivateLayout()) {
215                            Resource resource = ResourceLocalServiceUtil.getResource(
216                                    resourceId);
217    
218                            if (resource.getPrimKey().startsWith(
219                                            layout.getPlid() + PortletConstants.LAYOUT_SEPARATOR)) {
220    
221                                    CacheUtil.clearCache(layout.getCompanyId());
222                            }
223                    }
224            }
225    
226            protected void updateGuestPermissions(ActionRequest actionRequest)
227                    throws Exception {
228    
229                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
230                            WebKeys.THEME_DISPLAY);
231    
232                    long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
233                    String[] actionIds = StringUtil.split(
234                            ParamUtil.getString(actionRequest, "guestActionIds"));
235    
236                    PermissionServiceUtil.setUserPermissions(
237                            themeDisplay.getDefaultUserId(), themeDisplay.getScopeGroupId(),
238                            actionIds, resourceId);
239            }
240    
241            protected void updateOrganizationPermissions(ActionRequest actionRequest)
242                    throws Exception {
243    
244                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
245                            WebKeys.THEME_DISPLAY);
246    
247                    long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
248                    long organizationId = ParamUtil.getLong(
249                            actionRequest, "organizationIdsPosValue");
250                    String[] actionIds = StringUtil.split(
251                            ParamUtil.getString(actionRequest, "organizationIdActionIds"));
252                    //boolean organizationIntersection = ParamUtil.getBoolean(
253                    //        actionRequest, "organizationIntersection");
254    
255                    //if (!organizationIntersection) {
256                            PermissionServiceUtil.setGroupPermissions(
257                                    Organization.class.getName(), String.valueOf(organizationId),
258                                    themeDisplay.getScopeGroupId(), actionIds, resourceId);
259                    /*}
260                    else {
261                            PermissionServiceUtil.setOrgGroupPermissions(
262                                    organizationId, layout.getGroupId(), actionIds, resourceId);
263                    }*/
264            }
265    
266            protected void updateRolePermissions(ActionRequest actionRequest)
267                    throws Exception {
268    
269                    if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
270                            updateRolePermissions_5(actionRequest);
271                    }
272                    else if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
273                            updateRolePermissions_6(actionRequest);
274                    }
275                    else {
276                            updateRolePermissions_1to4(actionRequest);
277                    }
278            }
279    
280            protected void updateRolePermissions_1to4(ActionRequest actionRequest)
281                    throws Exception {
282    
283                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
284                            WebKeys.THEME_DISPLAY);
285    
286                    long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
287                    long roleId = ParamUtil.getLong(actionRequest, "roleIdsPosValue");
288                    String[] actionIds = StringUtil.split(
289                            ParamUtil.getString(actionRequest, "roleIdActionIds"));
290    
291                    PermissionServiceUtil.setRolePermissions(
292                            roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
293            }
294    
295            protected void updateRolePermissions_5(ActionRequest actionRequest)
296                    throws Exception {
297    
298                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
299                            WebKeys.THEME_DISPLAY);
300    
301                    long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
302    
303                    Map<Long, String[]> roleIdsToActionIds = new HashMap<Long, String[]>();
304    
305                    long[] roleIds = StringUtil.split(
306                            ParamUtil.getString(
307                                    actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
308    
309                    for (long roleId : roleIds) {
310                            String[] actionIds = getActionIds(actionRequest, roleId, false);
311    
312                            roleIdsToActionIds.put(roleId, actionIds);
313                    }
314    
315                    PermissionServiceUtil.setIndividualPermissions(
316                            themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(),
317                            roleIdsToActionIds, resourceId);
318            }
319    
320            protected void updateRolePermissions_6(ActionRequest actionRequest)
321                    throws Exception {
322    
323                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
324                            WebKeys.THEME_DISPLAY);
325    
326                    String portletResource = ParamUtil.getString(
327                            actionRequest, "portletResource");
328                    String modelResource = ParamUtil.getString(
329                            actionRequest, "modelResource");
330                    long[] roleIds = StringUtil.split(
331                            ParamUtil.getString(
332                                    actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
333    
334                    String selResource = PortletConstants.getRootPortletId(portletResource);
335    
336                    if (Validator.isNotNull(modelResource)) {
337                            selResource = modelResource;
338                    }
339    
340                    String resourcePrimKey = ParamUtil.getString(
341                            actionRequest, "resourcePrimKey");
342    
343                    Map<Long, String[]> roleIdsToActionIds = new HashMap<Long, String[]>();
344    
345                    if (ResourceBlockLocalServiceUtil.isSupported(selResource)) {
346                            for (long roleId : roleIds) {
347                                    List<String> actionIds = getActionIdsList(
348                                            actionRequest, roleId, true);
349    
350                                    roleIdsToActionIds.put(
351                                            roleId, actionIds.toArray(new String[actionIds.size()]));
352                            }
353    
354                            ResourceBlockServiceUtil.setIndividualScopePermissions(
355                                    themeDisplay.getCompanyId(), themeDisplay.getScopeGroupId(),
356                                    selResource, GetterUtil.getLong(resourcePrimKey),
357                                    roleIdsToActionIds);
358                    }
359                    else {
360                            for (long roleId : roleIds) {
361                                    String[] actionIds = getActionIds(actionRequest, roleId, false);
362    
363                                    roleIdsToActionIds.put(roleId, actionIds);
364                            }
365    
366                            ResourcePermissionServiceUtil.setIndividualResourcePermissions(
367                                    themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(),
368                                    selResource, resourcePrimKey, roleIdsToActionIds);
369                    }
370    
371                    if (PropsValues.PERMISSIONS_PROPAGATION_ENABLED) {
372                            Portlet portlet = PortletLocalServiceUtil.getPortletById(
373                                    themeDisplay.getCompanyId(), portletResource);
374    
375                            PermissionPropagator permissionPropagator =
376                                    portlet.getPermissionPropagatorInstance();
377    
378                            if (permissionPropagator != null) {
379                                    permissionPropagator.propagateRolePermissions(
380                                            actionRequest, modelResource, resourcePrimKey, roleIds);
381                            }
382                    }
383            }
384    
385            protected void updateUserGroupPermissions(ActionRequest actionRequest)
386                    throws Exception {
387    
388                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
389                            WebKeys.THEME_DISPLAY);
390    
391                    long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
392                    long userGroupId = ParamUtil.getLong(
393                            actionRequest, "userGroupIdsPosValue");
394                    String[] actionIds = StringUtil.split(
395                            ParamUtil.getString(actionRequest, "userGroupIdActionIds"));
396    
397                    PermissionServiceUtil.setGroupPermissions(
398                            UserGroup.class.getName(), String.valueOf(userGroupId),
399                            themeDisplay.getScopeGroupId(), actionIds, resourceId);
400            }
401    
402            protected void updateUserPermissions(ActionRequest actionRequest)
403                    throws Exception {
404    
405                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
406                            WebKeys.THEME_DISPLAY);
407    
408                    long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
409                    long userId = ParamUtil.getLong(actionRequest, "userIdsPosValue");
410                    String[] actionIds = StringUtil.split(
411                            ParamUtil.getString(actionRequest, "userIdActionIds"));
412    
413                    PermissionServiceUtil.setUserPermissions(
414                            userId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
415            }
416    
417    }