001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.NoSuchResourceException;
018 import com.liferay.portal.ResourceActionsException;
019 import com.liferay.portal.kernel.exception.PortalException;
020 import com.liferay.portal.kernel.exception.SystemException;
021 import com.liferay.portal.kernel.log.Log;
022 import com.liferay.portal.kernel.log.LogFactoryUtil;
023 import com.liferay.portal.kernel.search.SearchEngineUtil;
024 import com.liferay.portal.kernel.util.ListUtil;
025 import com.liferay.portal.model.AuditedModel;
026 import com.liferay.portal.model.ClassedModel;
027 import com.liferay.portal.model.Group;
028 import com.liferay.portal.model.GroupConstants;
029 import com.liferay.portal.model.GroupedModel;
030 import com.liferay.portal.model.Permission;
031 import com.liferay.portal.model.PermissionedModel;
032 import com.liferay.portal.model.Resource;
033 import com.liferay.portal.model.ResourceCode;
034 import com.liferay.portal.model.ResourceConstants;
035 import com.liferay.portal.model.ResourcePermission;
036 import com.liferay.portal.model.Role;
037 import com.liferay.portal.model.RoleConstants;
038 import com.liferay.portal.model.impl.ResourceImpl;
039 import com.liferay.portal.security.permission.PermissionCacheUtil;
040 import com.liferay.portal.security.permission.PermissionThreadLocal;
041 import com.liferay.portal.security.permission.PermissionsListFilter;
042 import com.liferay.portal.security.permission.PermissionsListFilterFactory;
043 import com.liferay.portal.security.permission.ResourceActionsUtil;
044 import com.liferay.portal.service.ServiceContext;
045 import com.liferay.portal.service.base.ResourceLocalServiceBaseImpl;
046 import com.liferay.portal.util.PropsValues;
047 import com.liferay.portal.util.ResourcePermissionsThreadLocal;
048 import com.liferay.portal.util.comparator.ResourceComparator;
049
050 import java.util.Arrays;
051 import java.util.Iterator;
052 import java.util.List;
053
054
061 public class ResourceLocalServiceImpl extends ResourceLocalServiceBaseImpl {
062
063 public void addModelResources(
064 AuditedModel auditedModel, ServiceContext serviceContext)
065 throws PortalException, SystemException {
066
067 ClassedModel classedModel = (ClassedModel)auditedModel;
068
069 if (serviceContext.isAddGroupPermissions() ||
070 serviceContext.isAddGuestPermissions()) {
071
072 addResources(
073 auditedModel.getCompanyId(), getGroupId(auditedModel),
074 auditedModel.getUserId(), classedModel.getModelClassName(),
075 String.valueOf(classedModel.getPrimaryKeyObj()), false,
076 serviceContext.isAddGroupPermissions(),
077 serviceContext.isAddGuestPermissions(),
078 getPermissionedModel(auditedModel));
079 }
080 else {
081 if (serviceContext.isDeriveDefaultPermissions()) {
082 serviceContext.deriveDefaultPermissions(
083 getGroupId(auditedModel), classedModel.getModelClassName());
084 }
085
086 addModelResources(
087 auditedModel.getCompanyId(), getGroupId(auditedModel),
088 auditedModel.getUserId(), classedModel.getModelClassName(),
089 String.valueOf(classedModel.getPrimaryKeyObj()),
090 serviceContext.getGroupPermissions(),
091 serviceContext.getGuestPermissions(),
092 getPermissionedModel(auditedModel));
093 }
094 }
095
096 public void addModelResources(
097 long companyId, long groupId, long userId, String name,
098 long primKey, String[] groupPermissions, String[] guestPermissions)
099 throws PortalException, SystemException {
100
101 addModelResources(
102 companyId, groupId, userId, name, String.valueOf(primKey),
103 groupPermissions, guestPermissions, null);
104 }
105
106 public void addModelResources(
107 long companyId, long groupId, long userId, String name,
108 String primKey, String[] groupPermissions,
109 String[] guestPermissions)
110 throws PortalException, SystemException {
111
112 addModelResources(
113 companyId, groupId, userId, name, primKey, groupPermissions,
114 guestPermissions, null);
115 }
116
117 public Resource addResource(
118 long companyId, String name, int scope, String primKey)
119 throws SystemException {
120
121 if (!PermissionThreadLocal.isAddResource()) {
122 return null;
123 }
124
125 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
126 return addResource_6(companyId, name, scope, primKey);
127 }
128 else {
129 return addResource_1to5(companyId, name, scope, primKey);
130 }
131 }
132
133 public void addResources(
134 long companyId, long groupId, long userId, String name,
135 long primKey, boolean portletActions, boolean addGroupPermissions,
136 boolean addGuestPermissions)
137 throws PortalException, SystemException {
138
139 addResources(
140 companyId, groupId, userId, name, String.valueOf(primKey),
141 portletActions, addGroupPermissions, addGuestPermissions, null);
142 }
143
144 public void addResources(
145 long companyId, long groupId, long userId, String name,
146 String primKey, boolean portletActions, boolean addGroupPermissions,
147 boolean addGuestPermissions)
148 throws PortalException, SystemException {
149
150 addResources(
151 companyId, groupId, userId, name, primKey, portletActions,
152 addGroupPermissions, addGuestPermissions, null);
153 }
154
155 public void addResources(
156 long companyId, long groupId, String name, boolean portletActions)
157 throws PortalException, SystemException {
158
159 addResources(
160 companyId, groupId, 0, name, null, portletActions, false, false);
161 }
162
163 public void deleteResource(AuditedModel auditedModel, int scope)
164 throws PortalException, SystemException {
165
166 ClassedModel classedModel = (ClassedModel)auditedModel;
167
168 deleteResource(
169 auditedModel.getCompanyId(), classedModel.getModelClassName(),
170 scope, String.valueOf(classedModel.getPrimaryKeyObj()),
171 getPermissionedModel(auditedModel));
172 }
173
174 @Override
175 public void deleteResource(long resourceId) throws SystemException {
176 try {
177 Resource resource = resourcePersistence.findByPrimaryKey(
178 resourceId);
179
180 deleteResource(resource);
181 }
182 catch (NoSuchResourceException nsre) {
183 if (_log.isWarnEnabled()) {
184 _log.warn(nsre);
185 }
186 }
187 }
188
189 public void deleteResource(
190 long companyId, String name, int scope, long primKey)
191 throws PortalException, SystemException {
192
193 deleteResource(companyId, name, scope, String.valueOf(primKey), null);
194 }
195
196 public void deleteResource(
197 long companyId, String name, int scope, String primKey)
198 throws PortalException, SystemException {
199
200 deleteResource(companyId, name, scope, primKey, null);
201 }
202
203 @Override
204 public void deleteResource(Resource resource) throws SystemException {
205
206
207
208 List<Permission> permissions = permissionPersistence.findByResourceId(
209 resource.getResourceId());
210
211 for (Permission permission : permissions) {
212 orgGroupPermissionPersistence.removeByPermissionId(
213 permission.getPermissionId());
214 }
215
216 permissionPersistence.removeByResourceId(resource.getResourceId());
217
218
219
220 resourcePersistence.remove(resource);
221 }
222
223 public void deleteResources(String name) throws SystemException {
224 List<Resource> resources = resourceFinder.findByName(name);
225
226 for (Resource resource : resources) {
227 deleteResource(resource);
228 }
229 }
230
231 public Resource fetchResource(
232 long companyId, String name, int scope, String primKey)
233 throws SystemException {
234
235 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
236 return getResource_6(companyId, name, scope, primKey);
237 }
238 else {
239 return fetchResource_1to5(companyId, name, scope, primKey);
240 }
241 }
242
243 public long getLatestResourceId() throws SystemException {
244 List<Resource> resources = resourcePersistence.findAll(
245 0, 1, new ResourceComparator());
246
247 if (resources.size() == 0) {
248 return 0;
249 }
250 else {
251 Resource resource = resources.get(0);
252
253 return resource.getResourceId();
254 }
255 }
256
257 @Override
258 public Resource getResource(long resourceId)
259 throws PortalException, SystemException {
260
261 return resourcePersistence.findByPrimaryKey(resourceId);
262 }
263
264 public Resource getResource(
265 long companyId, String name, int scope, String primKey)
266 throws PortalException, SystemException {
267
268 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
269 return getResource_6(companyId, name, scope, primKey);
270 }
271 else {
272 return getResource_1to5(companyId, name, scope, primKey);
273 }
274 }
275
276 public List<Resource> getResources() throws SystemException {
277 return resourcePersistence.findAll();
278 }
279
280 public void updateModelResources(
281 AuditedModel auditedModel, ServiceContext serviceContext)
282 throws PortalException, SystemException {
283
284 ClassedModel classedModel = (ClassedModel)auditedModel;
285
286 updateResources(
287 auditedModel.getCompanyId(), getGroupId(auditedModel),
288 classedModel.getModelClassName(),
289 String.valueOf(classedModel.getPrimaryKeyObj()),
290 serviceContext.getGroupPermissions(),
291 serviceContext.getGuestPermissions(),
292 getPermissionedModel(auditedModel));
293 }
294
295 public void updateResources(
296 long companyId, long groupId, String name, long primKey,
297 String[] groupPermissions, String[] guestPermissions)
298 throws PortalException, SystemException {
299
300 updateResources(
301 companyId, groupId, name, String.valueOf(primKey), groupPermissions,
302 guestPermissions, null);
303 }
304
305 public void updateResources(
306 long companyId, long groupId, String name, String primKey,
307 String[] groupPermissions, String[] guestPermissions)
308 throws PortalException, SystemException {
309
310 updateResources(
311 companyId, groupId, name, primKey, groupPermissions,
312 guestPermissions, null);
313 }
314
315 public void updateResources(
316 long companyId, String name, int scope, String primKey,
317 String newPrimKey)
318 throws PortalException, SystemException {
319
320 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
321 if (resourceBlockLocalService.isSupported(name)) {
322
323
324
325
326
327 }
328 else {
329 updateResources_6(companyId, name, scope, primKey, newPrimKey);
330 }
331 }
332 else {
333 updateResources_1to5(companyId, name, scope, primKey, newPrimKey);
334 }
335 }
336
337 protected void addGroupPermissions(
338 long companyId, long groupId, long userId, String name,
339 Resource resource, boolean portletActions,
340 PermissionedModel permissionedModel)
341 throws PortalException, SystemException {
342
343 List<String> actions = null;
344
345 if (portletActions) {
346 actions = ResourceActionsUtil.getPortletResourceGroupDefaultActions(
347 name);
348 }
349 else {
350 actions = ResourceActionsUtil.getModelResourceGroupDefaultActions(
351 name);
352 }
353
354 String[] actionIds = actions.toArray(new String[actions.size()]);
355
356 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
357 if (resourceBlockLocalService.isSupported(name)) {
358 addGroupPermissions_6Blocks(
359 groupId, resource, actions, permissionedModel);
360 }
361 else {
362 addGroupPermissions_6(groupId, resource, actionIds);
363 }
364 }
365 else {
366 addGroupPermissions_1to5(
367 companyId, groupId, userId, name, resource, portletActions,
368 actionIds);
369 }
370 }
371
372 protected void addGroupPermissions_1to5(
373 long companyId, long groupId, long userId, String name,
374 Resource resource, boolean portletActions, String[] actionIds)
375 throws PortalException, SystemException {
376
377 long resourceId = resource.getResourceId();
378 String primKey = resource.getPrimKey();
379
380 List<Permission> groupPermissionsList =
381 permissionLocalService.getPermissions(
382 companyId, actionIds, resourceId);
383
384 PermissionsListFilter permissionsListFilter =
385 PermissionsListFilterFactory.getInstance();
386
387 groupPermissionsList = permissionsListFilter.filterGroupPermissions(
388 companyId, groupId, userId, name, primKey, portletActions,
389 groupPermissionsList);
390
391 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
392 Role role = roleLocalService.getDefaultGroupRole(groupId);
393
394 rolePersistence.addPermissions(
395 role.getRoleId(), groupPermissionsList);
396 }
397 else {
398 groupPersistence.addPermissions(groupId, groupPermissionsList);
399 }
400 }
401
402 protected void addGroupPermissions_6(
403 long groupId, Resource resource, String[] actionIds)
404 throws PortalException, SystemException {
405
406 Role role = roleLocalService.getDefaultGroupRole(groupId);
407
408 resourcePermissionLocalService.setResourcePermissions(
409 resource.getCompanyId(), resource.getName(), resource.getScope(),
410 resource.getPrimKey(), role.getRoleId(), actionIds);
411 }
412
413 protected void addGroupPermissions_6Blocks(
414 long groupId, Resource resource, List<String> actionIds,
415 PermissionedModel permissionedModel)
416 throws PortalException, SystemException {
417
418 if (permissionedModel == null) {
419 throw new IllegalArgumentException("Permissioned model is null");
420 }
421
422
423
424 Role role = roleLocalService.getDefaultGroupRole(groupId);
425
426 resourceBlockLocalService.setIndividualScopePermissions(
427 resource.getCompanyId(), groupId, resource.getName(),
428 permissionedModel, role.getRoleId(), actionIds);
429 }
430
431 protected void addGuestPermissions(
432 long companyId, long groupId, long userId, String name,
433 Resource resource, boolean portletActions,
434 PermissionedModel permissionedModel)
435 throws PortalException, SystemException {
436
437 List<String> actions = null;
438
439 if (portletActions) {
440 actions = ResourceActionsUtil.getPortletResourceGuestDefaultActions(
441 name);
442 }
443 else {
444 actions = ResourceActionsUtil.getModelResourceGuestDefaultActions(
445 name);
446 }
447
448 String[] actionIds = actions.toArray(new String[actions.size()]);
449
450 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
451 if (resourceBlockLocalService.isSupported(name)) {
452 addGuestPermissions_6Blocks(
453 companyId, groupId, resource, actions, permissionedModel);
454 }
455 else {
456 addGuestPermissions_6(companyId, resource, actionIds);
457 }
458 }
459 else {
460 addGuestPermissions_1to5(
461 companyId, groupId, userId, name, resource, portletActions,
462 actionIds);
463 }
464 }
465
466 protected void addGuestPermissions_1to5(
467 long companyId, long groupId, long userId, String name,
468 Resource resource, boolean portletActions, String[] actionIds)
469 throws PortalException, SystemException {
470
471 List<Permission> guestPermissionsList =
472 permissionLocalService.getPermissions(
473 companyId, actionIds, resource.getResourceId());
474
475 PermissionsListFilter permissionsListFilter =
476 PermissionsListFilterFactory.getInstance();
477
478 guestPermissionsList = permissionsListFilter.filterGuestPermissions(
479 companyId, groupId, userId, name, resource.getPrimKey(),
480 portletActions, guestPermissionsList);
481
482 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
483 Role guestRole = roleLocalService.getRole(
484 companyId, RoleConstants.GUEST);
485
486 rolePersistence.addPermissions(
487 guestRole.getRoleId(), guestPermissionsList);
488 }
489 else {
490 long defaultUserId = userLocalService.getDefaultUserId(companyId);
491
492 userPersistence.addPermissions(defaultUserId, guestPermissionsList);
493 }
494 }
495
496 protected void addGuestPermissions_6(
497 long companyId, Resource resource, String[] actionIds)
498 throws PortalException, SystemException {
499
500 Role guestRole = roleLocalService.getRole(
501 companyId, RoleConstants.GUEST);
502
503 resourcePermissionLocalService.setResourcePermissions(
504 resource.getCompanyId(), resource.getName(), resource.getScope(),
505 resource.getPrimKey(), guestRole.getRoleId(), actionIds);
506 }
507
508 protected void addGuestPermissions_6Blocks(
509 long companyId, long groupId, Resource resource,
510 List<String> actionIds, PermissionedModel permissionedModel)
511 throws PortalException, SystemException {
512
513 if (permissionedModel == null) {
514 throw new IllegalArgumentException("Permissioned model is null");
515 }
516
517
518
519 Role guestRole = roleLocalService.getRole(
520 companyId, RoleConstants.GUEST);
521
522 resourceBlockLocalService.setIndividualScopePermissions(
523 resource.getCompanyId(), groupId, resource.getName(),
524 permissionedModel, guestRole.getRoleId(), actionIds);
525 }
526
527 protected void addModelResources(
528 long companyId, long groupId, long userId, String name,
529 String primKey, String[] groupPermissions,
530 String[] guestPermissions, PermissionedModel permissionedModel)
531 throws PortalException, SystemException {
532
533 if (!PermissionThreadLocal.isAddResource()) {
534 return;
535 }
536
537 validate(name, false);
538
539
540
541 addResource(
542 companyId, name, ResourceConstants.SCOPE_COMPANY,
543 String.valueOf(companyId));
544
545
546
547 Group guestGroup = groupLocalService.getGroup(
548 companyId, GroupConstants.GUEST);
549
550 addResource(
551 companyId, name, ResourceConstants.SCOPE_GROUP,
552 String.valueOf(guestGroup.getGroupId()));
553
554
555
556 if ((groupId > 0) && (guestGroup.getGroupId() != groupId)) {
557 addResource(
558 companyId, name, ResourceConstants.SCOPE_GROUP,
559 String.valueOf(groupId));
560 }
561
562 if (primKey == null) {
563 return;
564 }
565
566
567
568 Resource resource = addResource(
569 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
570
571
572
573 boolean flushEnabled = PermissionThreadLocal.isFlushEnabled();
574
575 PermissionThreadLocal.setIndexEnabled(false);
576
577 try {
578 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
579 addModelResources_6(
580 companyId, groupId, userId, resource, groupPermissions,
581 guestPermissions, permissionedModel);
582 }
583 else {
584 addModelResources_1to5(
585 companyId, groupId, userId, resource, groupPermissions,
586 guestPermissions);
587 }
588 }
589 finally {
590 PermissionThreadLocal.setIndexEnabled(flushEnabled);
591
592 PermissionCacheUtil.clearCache();
593
594 SearchEngineUtil.updatePermissionFields(name, primKey);
595 }
596 }
597
598 protected void addModelResources_1to5(
599 long companyId, long groupId, long userId, Resource resource,
600 String[] groupPermissions, String[] guestPermissions)
601 throws PortalException, SystemException {
602
603 long defaultUserId = userLocalService.getDefaultUserId(companyId);
604
605 PermissionsListFilter permissionsListFilter =
606 PermissionsListFilterFactory.getInstance();
607
608 List<Permission> permissionsList =
609 permissionLocalService.addPermissions(
610 companyId, resource.getName(), resource.getResourceId(), false);
611
612 List<Permission> userPermissionsList =
613 permissionsListFilter.filterUserPermissions(
614 companyId, groupId, userId, resource.getName(),
615 resource.getPrimKey(), false, permissionsList);
616
617 filterOwnerPermissions(resource.getName(), userPermissionsList);
618
619 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
620
621
622
623 Role ownerRole = roleLocalService.getRole(
624 companyId, RoleConstants.OWNER);
625
626 rolePersistence.addPermissions(
627 ownerRole.getRoleId(), userPermissionsList);
628 }
629 else {
630
631
632
633 if ((userId > 0) && (userId != defaultUserId)) {
634 userPersistence.addPermissions(userId, userPermissionsList);
635 }
636 }
637
638
639
640 if (groupId > 0) {
641 if (groupPermissions == null) {
642 groupPermissions = new String[0];
643 }
644
645 List<Permission> groupPermissionsList =
646 permissionLocalService.getPermissions(
647 companyId, groupPermissions, resource.getResourceId());
648
649 groupPermissionsList = permissionsListFilter.filterGroupPermissions(
650 companyId, groupId, userId, resource.getName(),
651 resource.getPrimKey(), false, groupPermissionsList);
652
653 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
654 Role role = roleLocalService.getDefaultGroupRole(groupId);
655
656 rolePersistence.addPermissions(
657 role.getRoleId(), groupPermissionsList);
658 }
659 else {
660 groupPersistence.addPermissions(groupId, groupPermissionsList);
661 }
662 }
663
664
665
666 if (guestPermissions == null) {
667 guestPermissions = new String[0];
668 }
669
670 List<Permission> guestPermissionsList =
671 permissionLocalService.getPermissions(
672 companyId, guestPermissions, resource.getResourceId());
673
674 guestPermissionsList = permissionsListFilter.filterGuestPermissions(
675 companyId, groupId, userId, resource.getName(),
676 resource.getPrimKey(), false, guestPermissionsList);
677
678 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
679 Role guestRole = roleLocalService.getRole(
680 companyId, RoleConstants.GUEST);
681
682 rolePersistence.addPermissions(
683 guestRole.getRoleId(), guestPermissionsList);
684 }
685 else {
686 userPersistence.addPermissions(defaultUserId, guestPermissionsList);
687 }
688 }
689
690 protected void addModelResources_6(
691 long companyId, long groupId, long userId, Resource resource,
692 String[] groupPermissions, String[] guestPermissions,
693 PermissionedModel permissionedModel)
694 throws PortalException, SystemException {
695
696
697
698 Role ownerRole = roleLocalService.getRole(
699 companyId, RoleConstants.OWNER);
700
701 List<String> ownerActionIds =
702 ResourceActionsUtil.getModelResourceActions(resource.getName());
703
704 ownerActionIds = ListUtil.copy(ownerActionIds);
705
706 filterOwnerActions(resource.getName(), ownerActionIds);
707
708 String[] ownerPermissions = ownerActionIds.toArray(
709 new String[ownerActionIds.size()]);
710
711
712
713 Role defaultGroupRole = null;
714
715 if (groupId > 0) {
716 defaultGroupRole = roleLocalService.getDefaultGroupRole(groupId);
717
718 if (groupPermissions == null) {
719 groupPermissions = new String[0];
720 }
721 }
722
723
724
725 Role guestRole = roleLocalService.getRole(
726 companyId, RoleConstants.GUEST);
727
728 if (guestPermissions == null) {
729 guestPermissions = new String[0];
730 }
731
732 if (resourceBlockLocalService.isSupported(resource.getName())) {
733
734 if (permissionedModel == null) {
735 throw new IllegalArgumentException(
736 "Permissioned model is null");
737 }
738
739
740
741 resourceBlockLocalService.setIndividualScopePermissions(
742 resource.getCompanyId(), groupId, resource.getName(),
743 permissionedModel, ownerRole.getRoleId(), ownerActionIds);
744
745 if (groupId > 0) {
746 resourceBlockLocalService.setIndividualScopePermissions(
747 resource.getCompanyId(), groupId, resource.getName(),
748 permissionedModel, defaultGroupRole.getRoleId(),
749 Arrays.asList(groupPermissions));
750 }
751
752 resourceBlockLocalService.setIndividualScopePermissions(
753 resource.getCompanyId(), groupId, resource.getName(),
754 permissionedModel, guestRole.getRoleId(),
755 Arrays.asList(guestPermissions));
756 }
757 else {
758 resourcePermissionLocalService.setOwnerResourcePermissions(
759 resource.getCompanyId(), resource.getName(),
760 resource.getScope(), resource.getPrimKey(),
761 ownerRole.getRoleId(), userId, ownerPermissions);
762
763 if (groupId > 0) {
764 resourcePermissionLocalService.setResourcePermissions(
765 resource.getCompanyId(), resource.getName(),
766 resource.getScope(), resource.getPrimKey(),
767 defaultGroupRole.getRoleId(), groupPermissions);
768 }
769
770 resourcePermissionLocalService.setResourcePermissions(
771 resource.getCompanyId(), resource.getName(),
772 resource.getScope(), resource.getPrimKey(),
773 guestRole.getRoleId(), guestPermissions);
774 }
775 }
776
777 protected Resource addResource_1to5(
778 long companyId, String name, int scope, String primKey)
779 throws SystemException {
780
781 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
782 companyId, name, scope);
783
784 long codeId = resourceCode.getCodeId();
785
786 Resource resource = resourcePersistence.fetchByC_P(codeId, primKey);
787
788 if (resource == null) {
789 long resourceId = counterLocalService.increment(
790 Resource.class.getName());
791
792 resource = resourcePersistence.create(resourceId);
793
794 resource.setCodeId(codeId);
795 resource.setPrimKey(primKey);
796
797 try {
798 resourcePersistence.update(resource, false);
799 }
800 catch (SystemException se) {
801 if (_log.isWarnEnabled()) {
802 _log.warn(
803 "Add failed, fetch {codeId=" + codeId + ", primKey=" +
804 primKey + "}");
805 }
806
807 resource = resourcePersistence.fetchByC_P(
808 codeId, primKey, false);
809
810 if (resource == null) {
811 throw se;
812 }
813 }
814 }
815
816 return resource;
817 }
818
819 protected Resource addResource_6(
820 long companyId, String name, int scope, String primKey) {
821
822 Resource resource = new ResourceImpl();
823
824 resource.setCompanyId(companyId);
825 resource.setName(name);
826 resource.setScope(scope);
827 resource.setPrimKey(primKey);
828
829 return resource;
830 }
831
832 protected void addResources(
833 long companyId, long groupId, long userId, String name,
834 String primKey, boolean portletActions, boolean addGroupPermissions,
835 boolean addGuestPermissions, PermissionedModel permissionedModel)
836 throws PortalException, SystemException {
837
838 if (!PermissionThreadLocal.isAddResource()) {
839 return;
840 }
841
842 validate(name, portletActions);
843
844
845
846 addResource(
847 companyId, name, ResourceConstants.SCOPE_COMPANY,
848 String.valueOf(companyId));
849
850 if (groupId > 0) {
851 addResource(
852 companyId, name, ResourceConstants.SCOPE_GROUP,
853 String.valueOf(groupId));
854 }
855
856 if (primKey == null) {
857 return;
858 }
859
860
861
862 Resource resource = addResource(
863 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
864
865
866
867 boolean flushEnabled = PermissionThreadLocal.isFlushEnabled();
868
869 PermissionThreadLocal.setIndexEnabled(false);
870
871 List<ResourcePermission> resourcePermissions =
872 resourcePermissionPersistence.findByC_N_S_P(
873 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
874
875 ResourcePermissionsThreadLocal.setResourcePermissions(
876 resourcePermissions);
877
878 try {
879 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
880 addResources_6(
881 companyId, groupId, userId, resource, portletActions,
882 permissionedModel);
883 }
884 else {
885 addResources_1to5(
886 companyId, groupId, userId, resource, portletActions);
887 }
888
889
890
891 if ((groupId > 0) && addGroupPermissions) {
892 addGroupPermissions(
893 companyId, groupId, userId, name, resource, portletActions,
894 permissionedModel);
895 }
896
897
898
899 if (addGuestPermissions) {
900
901
902
903
904 addGuestPermissions(
905 companyId, groupId, userId, name, resource, portletActions,
906 permissionedModel);
907 }
908 }
909 finally {
910 ResourcePermissionsThreadLocal.setResourcePermissions(null);
911
912 PermissionThreadLocal.setIndexEnabled(flushEnabled);
913
914 PermissionCacheUtil.clearCache();
915
916 SearchEngineUtil.updatePermissionFields(name, primKey);
917 }
918 }
919
920 protected void addResources_1to5(
921 long companyId, long groupId, long userId, Resource resource,
922 boolean portletActions)
923 throws PortalException, SystemException {
924
925 List<Permission> permissionsList =
926 permissionLocalService.addPermissions(
927 companyId, resource.getName(), resource.getResourceId(),
928 portletActions);
929
930 PermissionsListFilter permissionsListFilter =
931 PermissionsListFilterFactory.getInstance();
932
933 List<Permission> userPermissionsList =
934 permissionsListFilter.filterUserPermissions(
935 companyId, groupId, userId, resource.getName(),
936 resource.getPrimKey(), portletActions, permissionsList);
937
938 filterOwnerPermissions(resource.getName(), userPermissionsList);
939
940 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
941
942
943
944 Role ownerRole = roleLocalService.getRole(
945 companyId, RoleConstants.OWNER);
946
947 rolePersistence.addPermissions(
948 ownerRole.getRoleId(), userPermissionsList);
949 }
950 else {
951
952
953
954 long defaultUserId = userLocalService.getDefaultUserId(companyId);
955
956 if ((userId > 0) && (userId != defaultUserId)) {
957 userPersistence.addPermissions(userId, userPermissionsList);
958 }
959 }
960 }
961
962 protected void addResources_6(
963 long companyId, long groupId, long userId, Resource resource,
964 boolean portletActions, PermissionedModel permissionedModel)
965 throws PortalException, SystemException {
966
967 List<String> actionIds = null;
968
969 if (portletActions) {
970 actionIds = ResourceActionsUtil.getPortletResourceActions(
971 resource.getName());
972 }
973 else {
974 actionIds = ResourceActionsUtil.getModelResourceActions(
975 resource.getName());
976
977 actionIds = ListUtil.copy(actionIds);
978
979 filterOwnerActions(resource.getName(), actionIds);
980 }
981
982 Role role = roleLocalService.getRole(companyId, RoleConstants.OWNER);
983
984 if (resourceBlockLocalService.isSupported(resource.getName())) {
985 if (permissionedModel == null) {
986 throw new IllegalArgumentException(
987 "Permissioned model is null");
988 }
989
990
991
992 resourceBlockLocalService.setIndividualScopePermissions(
993 resource.getCompanyId(), groupId, resource.getName(),
994 permissionedModel, role.getRoleId(), actionIds);
995 }
996 else {
997 resourcePermissionLocalService.setOwnerResourcePermissions(
998 resource.getCompanyId(), resource.getName(),
999 resource.getScope(), resource.getPrimKey(), role.getRoleId(),
1000 userId, actionIds.toArray(new String[actionIds.size()]));
1001 }
1002 }
1003
1004 protected void deleteResource(
1005 long companyId, String name, int scope, String primKey,
1006 PermissionedModel permissionedModel)
1007 throws PortalException, SystemException{
1008
1009 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
1010 if (resourceBlockLocalService.isSupported(name)) {
1011 if (permissionedModel == null) {
1012 throw new IllegalArgumentException(
1013 "Permissioned model is null");
1014 }
1015
1016 resourceBlockLocalService.releasePermissionedModelResourceBlock(
1017 permissionedModel);
1018
1019 return;
1020 }
1021 else {
1022 resourcePermissionLocalService.deleteResourcePermissions(
1023 companyId, name, scope, primKey);
1024
1025 return;
1026 }
1027 }
1028
1029 try {
1030 Resource resource = getResource(companyId, name, scope, primKey);
1031
1032 deleteResource(resource.getResourceId());
1033 }
1034 catch (NoSuchResourceException nsre) {
1035 if (_log.isWarnEnabled()) {
1036 _log.warn(nsre);
1037 }
1038 }
1039 }
1040
1041 protected Resource fetchResource_1to5(
1042 long companyId, String name, int scope, String primKey)
1043 throws SystemException {
1044
1045 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
1046 companyId, name, scope);
1047
1048 return resourcePersistence.fetchByC_P(
1049 resourceCode.getCodeId(), primKey);
1050 }
1051
1052 protected void filterOwnerActions(String name, List<String> actionIds) {
1053 List<String> defaultOwnerActions =
1054 ResourceActionsUtil.getModelResourceOwnerDefaultActions(name);
1055
1056 if (defaultOwnerActions.isEmpty()) {
1057 return;
1058 }
1059
1060 Iterator<String> itr = actionIds.iterator();
1061
1062 while (itr.hasNext()) {
1063 String actionId = itr.next();
1064
1065 if (!defaultOwnerActions.contains(actionId)) {
1066 itr.remove();
1067 }
1068 }
1069 }
1070
1071 protected void filterOwnerPermissions(
1072 String name, List<Permission> permissions) {
1073
1074 List<String> defaultOwnerActions =
1075 ResourceActionsUtil.getModelResourceOwnerDefaultActions(name);
1076
1077 if (defaultOwnerActions.isEmpty()) {
1078 return;
1079 }
1080
1081 Iterator<Permission> itr = permissions.iterator();
1082
1083 while (itr.hasNext()) {
1084 Permission permission = itr.next();
1085
1086 String actionId = permission.getActionId();
1087
1088 if (!defaultOwnerActions.contains(actionId)) {
1089 itr.remove();
1090 }
1091 }
1092 }
1093
1094 protected long getGroupId(AuditedModel auditedModel) {
1095 long groupId = 0;
1096
1097 if (auditedModel instanceof GroupedModel) {
1098 GroupedModel groupedModel = (GroupedModel)auditedModel;
1099
1100 groupId = groupedModel.getGroupId();
1101 }
1102
1103 return groupId;
1104 }
1105
1106 protected PermissionedModel getPermissionedModel(
1107 AuditedModel auditedModel) {
1108
1109 PermissionedModel permissionedModel = null;
1110
1111 if (auditedModel instanceof PermissionedModel) {
1112 permissionedModel = (PermissionedModel)auditedModel;
1113 }
1114
1115 return permissionedModel;
1116 }
1117
1118 protected Resource getResource_1to5(
1119 long companyId, String name, int scope, String primKey)
1120 throws PortalException, SystemException {
1121
1122 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
1123 companyId, name, scope);
1124
1125 return resourcePersistence.findByC_P(resourceCode.getCodeId(), primKey);
1126 }
1127
1128 protected Resource getResource_6(
1129 long companyId, String name, int scope, String primKey) {
1130
1131 Resource resource = new ResourceImpl();
1132
1133 resource.setCompanyId(companyId);
1134 resource.setName(name);
1135 resource.setScope(scope);
1136 resource.setPrimKey(primKey);
1137
1138 return resource;
1139 }
1140
1141 protected void updateResources(
1142 long companyId, long groupId, String name, String primKey,
1143 String[] groupPermissions, String[] guestPermissions,
1144 PermissionedModel permissionedModel)
1145 throws PortalException, SystemException {
1146
1147 Resource resource = getResource(
1148 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
1149
1150 if (groupPermissions == null) {
1151 groupPermissions = new String[0];
1152 }
1153
1154 if (guestPermissions == null) {
1155 guestPermissions = new String[0];
1156 }
1157
1158 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
1159 if (resourceBlockLocalService.isSupported(name)) {
1160 updateResources_6Blocks(
1161 companyId, groupId, resource, groupPermissions,
1162 guestPermissions, permissionedModel);
1163 }
1164 else {
1165 updateResources_6(
1166 companyId, groupId, resource, groupPermissions,
1167 guestPermissions);
1168 }
1169 }
1170 else {
1171 updateResources_1to5(
1172 companyId, groupId, resource, groupPermissions,
1173 guestPermissions);
1174 }
1175 }
1176
1177 protected void updateResources_1to5(
1178 long companyId, long groupId, Resource resource,
1179 String[] groupPermissions, String[] guestPermissions)
1180 throws PortalException, SystemException {
1181
1182 Role role = roleLocalService.getDefaultGroupRole(groupId);
1183
1184 permissionLocalService.setRolePermissions(
1185 role.getRoleId(), groupPermissions, resource.getResourceId());
1186
1187 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1188
1189 permissionLocalService.setRolePermissions(
1190 role.getRoleId(), guestPermissions, resource.getResourceId());
1191 }
1192
1193 protected void updateResources_1to5(
1194 long companyId, String name, int scope, String primKey,
1195 String newPrimKey)
1196 throws PortalException, SystemException {
1197
1198 Resource resource = getResource(companyId, name, scope, primKey);
1199
1200 resource.setPrimKey(newPrimKey);
1201
1202 resourcePersistence.update(resource, false);
1203 }
1204
1205 protected void updateResources_6(
1206 long companyId, long groupId, Resource resource,
1207 String[] groupPermissions, String[] guestPermissions)
1208 throws PortalException, SystemException {
1209
1210 Role role = roleLocalService.getDefaultGroupRole(groupId);
1211
1212 resourcePermissionLocalService.setResourcePermissions(
1213 resource.getCompanyId(), resource.getName(), resource.getScope(),
1214 resource.getPrimKey(), role.getRoleId(), groupPermissions);
1215
1216 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1217
1218 resourcePermissionLocalService.setResourcePermissions(
1219 resource.getCompanyId(), resource.getName(), resource.getScope(),
1220 resource.getPrimKey(), role.getRoleId(), guestPermissions);
1221 }
1222
1223 protected void updateResources_6(
1224 long companyId, String name, int scope, String primKey,
1225 String newPrimKey)
1226 throws SystemException {
1227
1228 List<ResourcePermission> resourcePermissions =
1229 resourcePermissionLocalService.getResourcePermissions(
1230 companyId, name, scope, primKey);
1231
1232 for (ResourcePermission resourcePermission : resourcePermissions) {
1233 resourcePermission.setPrimKey(newPrimKey);
1234
1235 resourcePermissionPersistence.update(resourcePermission, false);
1236 }
1237 }
1238
1239 protected void updateResources_6Blocks(
1240 long companyId, long groupId, Resource resource,
1241 String[] groupPermissions, String[] guestPermissions,
1242 PermissionedModel permissionedModel)
1243 throws PortalException, SystemException {
1244
1245 if (permissionedModel == null) {
1246 throw new IllegalArgumentException("Permissioned model is null");
1247 }
1248
1249
1250
1251 Role role = roleLocalService.getDefaultGroupRole(groupId);
1252
1253 resourceBlockLocalService.setIndividualScopePermissions(
1254 companyId, groupId, resource.getName(), permissionedModel,
1255 role.getRoleId(), Arrays.asList(groupPermissions));
1256
1257 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1258
1259 resourceBlockLocalService.setIndividualScopePermissions(
1260 companyId, groupId, resource.getName(), permissionedModel,
1261 role.getRoleId(), Arrays.asList(guestPermissions));
1262 }
1263
1264 protected void validate(String name, boolean portletActions)
1265 throws PortalException {
1266
1267 List<String> actions = null;
1268
1269 if (portletActions) {
1270 actions = ResourceActionsUtil.getPortletResourceActions(name);
1271 }
1272 else {
1273 actions = ResourceActionsUtil.getModelResourceActions(name);
1274 }
1275
1276 if (actions.size() == 0) {
1277 throw new ResourceActionsException(
1278 "There are no actions associated with the resource " + name);
1279 }
1280 }
1281
1282 private static Log _log = LogFactoryUtil.getLog(
1283 ResourceLocalServiceImpl.class);
1284
1285 }