1
22
23 package com.liferay.portlet.enterpriseadmin.action;
24
25 import com.liferay.portal.NoSuchRoleException;
26 import com.liferay.portal.kernel.util.ArrayUtil;
27 import com.liferay.portal.kernel.util.Constants;
28 import com.liferay.portal.kernel.util.ParamUtil;
29 import com.liferay.portal.kernel.util.StringUtil;
30 import com.liferay.portal.kernel.util.Validator;
31 import com.liferay.portal.model.Role;
32 import com.liferay.portal.model.impl.GroupImpl;
33 import com.liferay.portal.model.impl.ResourceImpl;
34 import com.liferay.portal.model.impl.RoleImpl;
35 import com.liferay.portal.security.auth.PrincipalException;
36 import com.liferay.portal.security.permission.ResourceActionsUtil;
37 import com.liferay.portal.security.permission.comparator.ActionComparator;
38 import com.liferay.portal.service.PermissionServiceUtil;
39 import com.liferay.portal.service.RoleServiceUtil;
40 import com.liferay.portal.struts.PortletAction;
41 import com.liferay.portal.theme.ThemeDisplay;
42 import com.liferay.portal.util.WebKeys;
43 import com.liferay.util.servlet.SessionErrors;
44 import com.liferay.util.servlet.SessionMessages;
45
46 import java.util.Collections;
47 import java.util.HashMap;
48 import java.util.Iterator;
49 import java.util.List;
50 import java.util.Map;
51
52 import javax.portlet.ActionRequest;
53 import javax.portlet.ActionResponse;
54 import javax.portlet.PortletConfig;
55 import javax.portlet.RenderRequest;
56 import javax.portlet.RenderResponse;
57
58 import org.apache.struts.action.ActionForm;
59 import org.apache.struts.action.ActionForward;
60 import org.apache.struts.action.ActionMapping;
61
62
69 public class EditRolePermissionsAction extends PortletAction {
70
71 public void processAction(
72 ActionMapping mapping, ActionForm form, PortletConfig config,
73 ActionRequest req, ActionResponse res)
74 throws Exception {
75
76 String cmd = ParamUtil.getString(req, Constants.CMD);
77
78 try {
79 if (cmd.equals("actions")) {
80 updateActions(req, res);
81 }
82 else if (cmd.equals("delete_permission")) {
83 deletePermission(req, res);
84 }
85 }
86 catch (Exception e) {
87 if (e instanceof NoSuchRoleException ||
88 e instanceof PrincipalException) {
89
90 SessionErrors.add(req, e.getClass().getName());
91
92 setForward(req, "portlet.enterprise_admin.error");
93 }
94 else {
95 throw e;
96 }
97 }
98 }
99
100 public ActionForward render(
101 ActionMapping mapping, ActionForm form, PortletConfig config,
102 RenderRequest req, RenderResponse res)
103 throws Exception {
104
105 try {
106 ActionUtil.getRole(req);
107 }
108 catch (Exception e) {
109 if (e instanceof NoSuchRoleException ||
110 e instanceof PrincipalException) {
111
112 SessionErrors.add(req, e.getClass().getName());
113
114 return mapping.findForward("portlet.enterprise_admin.error");
115 }
116 else {
117 throw e;
118 }
119 }
120
121 return mapping.findForward(
122 getForward(req, "portlet.enterprise_admin.edit_role_permissions"));
123 }
124
125 protected void deletePermission(ActionRequest req, ActionResponse res)
126 throws Exception {
127
128 ThemeDisplay themeDisplay =
129 (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
130
131 long roleId = ParamUtil.getLong(req, "roleId");
132 long permissionId = ParamUtil.getLong(req, "permissionId");
133
134 PermissionServiceUtil.unsetRolePermission(
135 roleId, themeDisplay.getPortletGroupId(), permissionId);
136
137
139 SessionMessages.add(req, "permissionDeleted");
140
141 String redirect = ParamUtil.getString(req, "redirect");
142
143 res.sendRedirect(redirect);
144 }
145
146 protected void updateActions(ActionRequest req, ActionResponse res)
147 throws Exception {
148
149 ThemeDisplay themeDisplay =
150 (ThemeDisplay)req.getAttribute(WebKeys.THEME_DISPLAY);
151
152 long roleId = ParamUtil.getLong(req, "roleId");
153
154 String portletResource = ParamUtil.getString(req, "portletResource");
155 String[] modelResources = StringUtil.split(
156 ParamUtil.getString(req, "modelResources"));
157
158 Map resourceActionsMap = new HashMap();
159
160 if (Validator.isNotNull(portletResource)) {
161 resourceActionsMap.put(
162 portletResource,
163 ResourceActionsUtil.getResourceActions(
164 themeDisplay.getCompanyId(), portletResource, null));
165 }
166
167 for (int i = 0; i < modelResources.length; i++) {
168 resourceActionsMap.put(
169 modelResources[i],
170 ResourceActionsUtil.getResourceActions(
171 themeDisplay.getCompanyId(), null, modelResources[i]));
172 }
173
174 Iterator itr = resourceActionsMap.keySet().iterator();
175
176 while (itr.hasNext()) {
177 String selResource = (String)itr.next();
178
179 List actions = (List)resourceActionsMap.get(selResource);
180
181 Collections.sort(
182 actions,
183 new ActionComparator(
184 themeDisplay.getCompanyId(), themeDisplay.getLocale()));
185
186 Role role = RoleServiceUtil.getRole(roleId);
187
188 for (int i = 0; i < actions.size(); i++) {
189 String actionId = (String)actions.get(i);
190
191 int scope = ParamUtil.getInteger(
192 req, "scope" + selResource + actionId);
193
194 if (scope == ResourceImpl.SCOPE_COMPANY) {
195 PermissionServiceUtil.setRolePermission(
196 roleId, themeDisplay.getPortletGroupId(), selResource,
197 scope, String.valueOf(themeDisplay.getCompanyId()),
198 actionId);
199 }
200 else if (scope == ResourceImpl.SCOPE_GROUP) {
201 if ((role.getType() == RoleImpl.TYPE_COMMUNITY) ||
202 (role.getType() == RoleImpl.TYPE_ORGANIZATION)) {
203
204 PermissionServiceUtil.setRolePermission(
205 roleId, themeDisplay.getPortletGroupId(),
206 selResource, ResourceImpl.SCOPE_GROUP_TEMPLATE,
207 String.valueOf(GroupImpl.DEFAULT_PARENT_GROUP_ID),
208 actionId);
209 }
210 else {
211 String[] groupIds = StringUtil.split(
212 ParamUtil.getString(
213 req, "groupIds" + selResource + actionId));
214
215 if (groupIds.length == 0) {
216 SessionErrors.add(req, "missingGroupIdsForAction");
217 return;
218 }
219
220 groupIds = ArrayUtil.distinct(groupIds);
221
222 PermissionServiceUtil.unsetRolePermissions(
223 roleId, themeDisplay.getPortletGroupId(),
224 selResource, ResourceImpl.SCOPE_GROUP, actionId);
225
226 for (int j = 0; j < groupIds.length; j++) {
227 PermissionServiceUtil.setRolePermission(
228 roleId, themeDisplay.getPortletGroupId(),
229 selResource, ResourceImpl.SCOPE_GROUP,
230 groupIds[j], actionId);
231 }
232 }
233 }
234 else {
235
236
238 PermissionServiceUtil.unsetRolePermissions(
239 roleId, themeDisplay.getPortletGroupId(), selResource,
240 ResourceImpl.SCOPE_COMPANY, actionId);
241
242 PermissionServiceUtil.unsetRolePermissions(
243 roleId, themeDisplay.getPortletGroupId(), selResource,
244 ResourceImpl.SCOPE_GROUP_TEMPLATE, actionId);
245
246 PermissionServiceUtil.unsetRolePermissions(
247 roleId, themeDisplay.getPortletGroupId(), selResource,
248 ResourceImpl.SCOPE_GROUP, actionId);
249 }
250 }
251 }
252
253
255 SessionMessages.add(req, "permissionsUpdated");
256
257 String redirect =
258 ParamUtil.getString(req, "redirect") + "&" + Constants.CMD + "=" +
259 Constants.VIEW;
260
261 res.sendRedirect(redirect);
262 }
263
264 }