001
014
015 package com.liferay.portal.security.permission;
016
017 import com.liferay.portal.kernel.util.SetUtil;
018 import com.liferay.portal.kernel.util.WebKeys;
019 import com.liferay.portal.model.ResourceConstants;
020 import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
021 import com.liferay.portal.service.ResourcePermissionServiceUtil;
022 import com.liferay.portal.theme.ThemeDisplay;
023
024 import java.util.ArrayList;
025 import java.util.HashSet;
026 import java.util.List;
027 import java.util.Set;
028
029 import javax.portlet.ActionRequest;
030
031
034 public abstract class BasePermissionPropagator implements PermissionPropagator {
035
036 protected Set<String> getActionIds(String className) {
037 List<String> actionIds = ResourceActionsUtil.getModelResourceActions(
038 className);
039
040 return SetUtil.fromCollection(actionIds);
041 }
042
043 protected Set<String> getAvailableActionIds(
044 long companyId, String className, long primKey, long roleId,
045 Set<String> actionIds)
046 throws Exception {
047
048 List<String> availableActionIds =
049 ResourcePermissionLocalServiceUtil.
050 getAvailableResourcePermissionActionIds(
051 companyId, className, ResourceConstants.SCOPE_INDIVIDUAL,
052 String.valueOf(primKey), roleId, actionIds);
053
054 return SetUtil.fromCollection(availableActionIds);
055 }
056
057 protected void propagateRolePermissions(
058 ActionRequest actionRequest, long roleId, String parentClassName,
059 long parentPrimKey, String childClassName, long childPrimKey)
060 throws Exception {
061
062 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
063 WebKeys.THEME_DISPLAY);
064
065 Set<String> parentActionIds = getActionIds(parentClassName);
066 Set<String> childActionIds = getActionIds(childClassName);
067
068 Set<String> parentAndChildCommonActionIds = new HashSet<String>();
069
070 for (String actionId : childActionIds) {
071 if (parentActionIds.contains(actionId)) {
072 parentAndChildCommonActionIds.add(actionId);
073 }
074 }
075
076 Set<String> parentAvailableActionIds = getAvailableActionIds(
077 themeDisplay.getCompanyId(), parentClassName, parentPrimKey, roleId,
078 parentActionIds);
079 Set<String> childAvailableActionIds = getAvailableActionIds(
080 themeDisplay.getCompanyId(), childClassName, childPrimKey, roleId,
081 childActionIds);
082
083 List<String> actionIds = new ArrayList<String>();
084
085 for (String actionId : parentAndChildCommonActionIds) {
086 if (parentAvailableActionIds.contains(actionId)) {
087 actionIds.add(actionId);
088 }
089 }
090
091 for (String actionId : childAvailableActionIds) {
092 if (!parentAndChildCommonActionIds.contains(actionId)) {
093 actionIds.add(actionId);
094 }
095 }
096
097 ResourcePermissionServiceUtil.setIndividualResourcePermissions(
098 themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(),
099 childClassName, String.valueOf(childPrimKey), roleId,
100 actionIds.toArray(new String[actionIds.size()]));
101 }
102
103 }