001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.permission;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.kernel.log.Log;
020    import com.liferay.portal.kernel.log.LogFactoryUtil;
021    import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
022    import com.liferay.portal.kernel.util.Validator;
023    import com.liferay.portal.model.Group;
024    import com.liferay.portal.model.Layout;
025    import com.liferay.portal.model.LayoutTypePortlet;
026    import com.liferay.portal.model.Portlet;
027    import com.liferay.portal.model.PortletConstants;
028    import com.liferay.portal.model.impl.VirtualLayout;
029    import com.liferay.portal.security.auth.PrincipalException;
030    import com.liferay.portal.security.permission.ActionKeys;
031    import com.liferay.portal.security.permission.PermissionChecker;
032    import com.liferay.portal.security.permission.ResourceActionsUtil;
033    import com.liferay.portal.service.LayoutLocalServiceUtil;
034    import com.liferay.portal.service.PortletLocalServiceUtil;
035    import com.liferay.portal.util.PortletCategoryKeys;
036    import com.liferay.portal.util.PropsValues;
037    import com.liferay.portlet.sites.util.SitesUtil;
038    
039    import java.util.Collection;
040    import java.util.List;
041    
042    import javax.portlet.PortletMode;
043    
044    /**
045     * @author Brian Wing Shun Chan
046     * @author Raymond Augé
047     */
048    public class PortletPermissionImpl implements PortletPermission {
049    
050            public static final boolean DEFAULT_STRICT = false;
051    
052            public void check(
053                            PermissionChecker permissionChecker, Layout layout,
054                            String portletId, String actionId)
055                    throws PortalException, SystemException {
056    
057                    if (!contains(
058                                    permissionChecker, 0, layout, portletId, actionId,
059                                    DEFAULT_STRICT)) {
060    
061                            throw new PrincipalException();
062                    }
063            }
064    
065            public void check(
066                            PermissionChecker permissionChecker, Layout layout,
067                            String portletId, String actionId, boolean strict)
068                    throws PortalException, SystemException {
069    
070                    if (!contains(
071                                    permissionChecker, 0, layout, portletId, actionId, strict)) {
072    
073                            throw new PrincipalException();
074                    }
075            }
076    
077            public void check(
078                            PermissionChecker permissionChecker, long groupId, Layout layout,
079                            String portletId, String actionId)
080                    throws PortalException, SystemException {
081    
082                    if (!contains(
083                                    permissionChecker, groupId, layout, portletId, actionId,
084                                    DEFAULT_STRICT)) {
085    
086                            throw new PrincipalException();
087                    }
088            }
089    
090            public void check(
091                            PermissionChecker permissionChecker, long groupId, Layout layout,
092                            String portletId, String actionId, boolean strict)
093                    throws PortalException, SystemException {
094    
095                    if (!contains(
096                                    permissionChecker, groupId, layout, portletId, actionId,
097                                    strict)) {
098    
099                            throw new PrincipalException();
100                    }
101            }
102    
103            public void check(
104                            PermissionChecker permissionChecker, long groupId, long plid,
105                            String portletId, String actionId)
106                    throws PortalException, SystemException {
107    
108                    check(
109                            permissionChecker, groupId, plid, portletId, actionId,
110                            DEFAULT_STRICT);
111            }
112    
113            public void check(
114                            PermissionChecker permissionChecker, long groupId, long plid,
115                            String portletId, String actionId, boolean strict)
116                    throws PortalException, SystemException {
117    
118                    if (!contains(
119                                    permissionChecker, groupId, plid, portletId, actionId,
120                                    strict)) {
121    
122                            throw new PrincipalException();
123                    }
124            }
125    
126            public void check(
127                            PermissionChecker permissionChecker, long plid, String portletId,
128                            String actionId)
129                    throws PortalException, SystemException {
130    
131                    check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
132            }
133    
134            public void check(
135                            PermissionChecker permissionChecker, long plid, String portletId,
136                            String actionId, boolean strict)
137                    throws PortalException, SystemException {
138    
139                    if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
140                            throw new PrincipalException();
141                    }
142            }
143    
144            public void check(
145                            PermissionChecker permissionChecker, String portletId,
146                            String actionId)
147                    throws PortalException, SystemException {
148    
149                    if (!contains(permissionChecker, portletId, actionId)) {
150                            throw new PrincipalException();
151                    }
152            }
153    
154            public boolean contains(
155                            PermissionChecker permissionChecker, Layout layout, Portlet portlet,
156                            String actionId)
157                    throws PortalException, SystemException {
158    
159                    return contains(
160                            permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
161            }
162    
163            public boolean contains(
164                            PermissionChecker permissionChecker, Layout layout, Portlet portlet,
165                            String actionId, boolean strict)
166                    throws PortalException, SystemException {
167    
168                    return contains(
169                            permissionChecker, 0, layout, portlet, actionId, strict);
170            }
171    
172            public boolean contains(
173                            PermissionChecker permissionChecker, Layout layout,
174                            String portletId, String actionId)
175                    throws PortalException, SystemException {
176    
177                    return contains(
178                            permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
179            }
180    
181            public boolean contains(
182                            PermissionChecker permissionChecker, Layout layout,
183                            String portletId, String actionId, boolean strict)
184                    throws PortalException, SystemException {
185    
186                    return contains(
187                            permissionChecker, 0, layout, portletId, actionId, strict);
188            }
189    
190            public boolean contains(
191                            PermissionChecker permissionChecker, long groupId, Layout layout,
192                            Portlet portlet, String actionId)
193                    throws PortalException, SystemException {
194    
195                    return contains(
196                            permissionChecker, groupId, layout, portlet, actionId,
197                            DEFAULT_STRICT);
198            }
199    
200            public boolean contains(
201                            PermissionChecker permissionChecker, long groupId, Layout layout,
202                            Portlet portlet, String actionId, boolean strict)
203                    throws PortalException, SystemException {
204    
205                    if (portlet.isUndeployedPortlet()) {
206                            return false;
207                    }
208    
209                    if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
210                            return true;
211                    }
212    
213                    return contains(
214                            permissionChecker, groupId, layout, portlet.getPortletId(),
215                            actionId, strict);
216            }
217    
218            public boolean contains(
219                            PermissionChecker permissionChecker, long groupId, Layout layout,
220                            String portletId, String actionId)
221                    throws PortalException, SystemException {
222    
223                    return contains(
224                            permissionChecker, groupId, layout, portletId, actionId,
225                            DEFAULT_STRICT);
226            }
227    
228            public boolean contains(
229                            PermissionChecker permissionChecker, long groupId, Layout layout,
230                            String portletId, String actionId, boolean strict)
231                    throws PortalException, SystemException {
232    
233                    String name = null;
234                    String primKey = null;
235    
236                    if (layout == null) {
237                            name = portletId;
238                            primKey = portletId;
239    
240                            return permissionChecker.hasPermission(
241                                    groupId, name, primKey, actionId);
242                    }
243    
244                    Group group = layout.getGroup();
245    
246                    groupId = group.getGroupId();
247    
248                    name = PortletConstants.getRootPortletId(portletId);
249                    primKey = getPrimaryKey(layout.getPlid(), portletId);
250    
251                    if (!actionId.equals(ActionKeys.VIEW) &&
252                            (layout instanceof VirtualLayout)) {
253    
254                            return hasCustomizePermission(
255                                    permissionChecker, layout, portletId, actionId);
256                    }
257    
258                    if (!group.isLayoutSetPrototype() &&
259                            !SitesUtil.isLayoutUpdateable(layout) &&
260                            actionId.equals(ActionKeys.CONFIGURATION)) {
261    
262                            return false;
263                    }
264    
265                    Boolean hasPermission = StagingPermissionUtil.hasPermission(
266                            permissionChecker, groupId, name, groupId, name, actionId);
267    
268                    if (hasPermission != null) {
269                            return hasPermission.booleanValue();
270                    }
271    
272                    if (actionId.equals(ActionKeys.VIEW) && group.isControlPanel()) {
273                            return true;
274                    }
275    
276                    if (strict) {
277                            return permissionChecker.hasPermission(
278                                    groupId, name, primKey, actionId);
279                    }
280    
281                    if (hasConfigurePermission(
282                                    permissionChecker, layout, portletId, actionId) ||
283                            hasCustomizePermission(
284                                    permissionChecker, layout, portletId, actionId)) {
285    
286                            return true;
287                    }
288    
289                    return permissionChecker.hasPermission(
290                            groupId, name, primKey, actionId);
291            }
292    
293            public boolean contains(
294                    PermissionChecker permissionChecker, long groupId, long plid,
295                    Collection<Portlet> portlets, String actionId) {
296    
297                    for (Portlet portlet : portlets) {
298                            if (permissionChecker.hasPermission(
299                                            groupId, portlet.getPortletId(), portlet.getPortletId(),
300                                            ActionKeys.ACCESS_IN_CONTROL_PANEL)) {
301    
302                                    return true;
303                            }
304                    }
305    
306                    return false;
307            }
308    
309            public boolean contains(
310                            PermissionChecker permissionChecker, long groupId, long plid,
311                            Portlet portlet, String actionId)
312                    throws PortalException, SystemException {
313    
314                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
315    
316                    return contains(
317                            permissionChecker, groupId, layout, portlet, actionId,
318                            DEFAULT_STRICT);
319            }
320    
321            public boolean contains(
322                            PermissionChecker permissionChecker, long groupId, long plid,
323                            Portlet portlet, String actionId, boolean strict)
324                    throws PortalException, SystemException {
325    
326                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
327    
328                    return contains(
329                            permissionChecker, groupId, layout, portlet, actionId, strict);
330            }
331    
332            public boolean contains(
333                            PermissionChecker permissionChecker, long groupId, long plid,
334                            String portletId, String actionId)
335                    throws PortalException, SystemException {
336    
337                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
338    
339                    return contains(
340                            permissionChecker, groupId, layout, portletId, actionId,
341                            DEFAULT_STRICT);
342            }
343    
344            public boolean contains(
345                            PermissionChecker permissionChecker, long groupId, long plid,
346                            String portletId, String actionId, boolean strict)
347                    throws PortalException, SystemException {
348    
349                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
350    
351                    return contains(
352                            permissionChecker, groupId, layout, portletId, actionId, strict);
353            }
354    
355            public boolean contains(
356                            PermissionChecker permissionChecker, long plid, Portlet portlet,
357                            String actionId)
358                    throws PortalException, SystemException {
359    
360                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
361    
362                    return contains(
363                            permissionChecker, layout, portlet, actionId, DEFAULT_STRICT);
364            }
365    
366            public boolean contains(
367                            PermissionChecker permissionChecker, long plid, Portlet portlet,
368                            String actionId, boolean strict)
369                    throws PortalException, SystemException {
370    
371                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
372    
373                    return contains(
374                            permissionChecker, 0, layout, portlet, actionId, strict);
375            }
376    
377            public boolean contains(
378                            PermissionChecker permissionChecker, long plid, String portletId,
379                            String actionId)
380                    throws PortalException, SystemException {
381    
382                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
383    
384                    return contains(
385                            permissionChecker, layout, portletId, actionId, DEFAULT_STRICT);
386            }
387    
388            public boolean contains(
389                            PermissionChecker permissionChecker, long plid, String portletId,
390                            String actionId, boolean strict)
391                    throws PortalException, SystemException {
392    
393                    Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
394    
395                    return contains(
396                            permissionChecker, 0, layout, portletId, actionId, strict);
397            }
398    
399            public boolean contains(
400                            PermissionChecker permissionChecker, String portletId,
401                            String actionId)
402                    throws PortalException, SystemException {
403    
404                    return contains(permissionChecker, 0, portletId, actionId);
405            }
406    
407            public String getPrimaryKey(long plid, String portletId) {
408                    return String.valueOf(plid).concat(
409                            PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
410            }
411    
412            public boolean hasAccessPermission(
413                            PermissionChecker permissionChecker, long scopeGroupId,
414                            Layout layout, Portlet portlet, PortletMode portletMode)
415                    throws PortalException, SystemException {
416    
417                    if ((layout != null) && layout.isTypeControlPanel()) {
418                            String category = portlet.getControlPanelEntryCategory();
419    
420                            if (Validator.equals(category, PortletCategoryKeys.CONTENT)) {
421                                    layout = null;
422                            }
423                    }
424    
425                    boolean access = contains(
426                            permissionChecker, scopeGroupId, layout, portlet, ActionKeys.VIEW);
427    
428                    if (access && !PropsValues.TCK_URL &&
429                            portletMode.equals(PortletMode.EDIT)) {
430    
431                            access = contains(
432                                    permissionChecker, scopeGroupId, layout, portlet,
433                                    ActionKeys.PREFERENCES);
434                    }
435    
436                    return access;
437            }
438    
439            public boolean hasLayoutManagerPermission(
440                    String portletId, String actionId) {
441    
442                    try {
443                            portletId = PortletConstants.getRootPortletId(portletId);
444    
445                            List<String> layoutManagerActions =
446                                    ResourceActionsUtil.getPortletResourceLayoutManagerActions(
447                                            portletId);
448    
449                            return layoutManagerActions.contains(actionId);
450                    }
451                    catch (Exception e) {
452                            _log.error(e, e);
453    
454                            return false;
455                    }
456            }
457    
458            protected boolean hasConfigurePermission(
459                            PermissionChecker permissionChecker, Layout layout,
460                            String portletId, String actionId)
461                    throws PortalException, SystemException {
462    
463                    if (!actionId.equals(ActionKeys.CONFIGURATION)) {
464                            return false;
465                    }
466    
467                    Portlet portlet = PortletLocalServiceUtil.getPortletById(
468                            layout.getCompanyId(), portletId);
469    
470                    if (portlet.isPreferencesUniquePerLayout()) {
471                            return LayoutPermissionUtil.contains(
472                                    permissionChecker, layout, ActionKeys.CONFIGURE_PORTLETS);
473                    }
474    
475                    return GroupPermissionUtil.contains(
476                            permissionChecker, layout.getGroupId(),
477                            ActionKeys.CONFIGURE_PORTLETS);
478            }
479    
480            protected boolean hasCustomizePermission(
481                            PermissionChecker permissionChecker, Layout layout,
482                            String portletId, String actionId)
483                    throws PortalException, SystemException {
484    
485                    LayoutTypePortlet layoutTypePortlet =
486                            (LayoutTypePortlet)layout.getLayoutType();
487    
488                    if (layoutTypePortlet.isCustomizedView() &&
489                            layoutTypePortlet.isPortletCustomizable(portletId) &&
490                            LayoutPermissionUtil.contains(
491                                    permissionChecker, layout, ActionKeys.CUSTOMIZE)) {
492    
493                            if (actionId.equals(ActionKeys.VIEW)) {
494                                    return true;
495                            }
496                            else if (actionId.equals(ActionKeys.CONFIGURATION)) {
497                                    Portlet portlet = PortletLocalServiceUtil.getPortletById(
498                                            layout.getCompanyId(), portletId);
499    
500                                    if (portlet.isPreferencesUniquePerLayout()) {
501                                            return true;
502                                    }
503                            }
504                    }
505    
506                    return false;
507            }
508    
509            private static Log _log = LogFactoryUtil.getLog(
510                    PortletPermissionImpl.class);
511    
512    }