1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portal.service.permission;
16  
17  import com.liferay.portal.kernel.exception.PortalException;
18  import com.liferay.portal.kernel.exception.SystemException;
19  import com.liferay.portal.kernel.log.Log;
20  import com.liferay.portal.kernel.log.LogFactoryUtil;
21  import com.liferay.portal.model.Group;
22  import com.liferay.portal.model.Layout;
23  import com.liferay.portal.model.Portlet;
24  import com.liferay.portal.model.PortletConstants;
25  import com.liferay.portal.security.auth.PrincipalException;
26  import com.liferay.portal.security.permission.ActionKeys;
27  import com.liferay.portal.security.permission.PermissionChecker;
28  import com.liferay.portal.security.permission.ResourceActionsUtil;
29  import com.liferay.portal.service.GroupLocalServiceUtil;
30  import com.liferay.portal.service.LayoutLocalServiceUtil;
31  import com.liferay.portal.util.PropsValues;
32  
33  import java.util.List;
34  
35  /**
36   * <a href="PortletPermissionImpl.java.html"><b><i>View Source</i></b></a>
37   *
38   * @author Brian Wing Shun Chan
39   */
40  public class PortletPermissionImpl implements PortletPermission {
41  
42      public static final boolean DEFAULT_STRICT = false;
43  
44      public void check(
45              PermissionChecker permissionChecker, long plid, String portletId,
46              String actionId)
47          throws PortalException, SystemException {
48  
49          check(permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
50      }
51  
52      public void check(
53              PermissionChecker permissionChecker, long plid, String portletId,
54              String actionId, boolean strict)
55          throws PortalException, SystemException {
56  
57          if (!contains(permissionChecker, plid, portletId, actionId, strict)) {
58              throw new PrincipalException();
59          }
60      }
61  
62      public void check(
63              PermissionChecker permissionChecker, String portletId,
64              String actionId)
65          throws PortalException, SystemException {
66  
67          if (!contains(permissionChecker, portletId, actionId)) {
68              throw new PrincipalException();
69          }
70      }
71  
72      public boolean contains(
73              PermissionChecker permissionChecker, long plid, Portlet portlet,
74              String actionId)
75          throws PortalException, SystemException {
76  
77          return contains(
78              permissionChecker, plid, portlet, actionId, DEFAULT_STRICT);
79      }
80  
81      public boolean contains(
82              PermissionChecker permissionChecker, long plid, Portlet portlet,
83              String actionId, boolean strict)
84          throws PortalException, SystemException {
85  
86          if (portlet.isUndeployedPortlet()) {
87              return false;
88          }
89  
90          boolean value = contains(
91              permissionChecker, plid, portlet.getPortletId(), actionId, strict);
92  
93          if (value) {
94              return true;
95          }
96          else {
97              if (portlet.isSystem() && actionId.equals(ActionKeys.VIEW)) {
98                  return true;
99              }
100             else {
101                 return false;
102             }
103         }
104     }
105 
106     public boolean contains(
107             PermissionChecker permissionChecker, long plid, String portletId,
108             String actionId)
109         throws PortalException, SystemException {
110 
111         return contains(
112             permissionChecker, plid, portletId, actionId, DEFAULT_STRICT);
113     }
114 
115     public boolean contains(
116             PermissionChecker permissionChecker, long plid, String portletId,
117             String actionId, boolean strict)
118         throws PortalException, SystemException {
119 
120         long groupId = 0;
121         String name = null;
122         String primKey = null;
123 
124         if (plid > 0) {
125             Layout layout = LayoutLocalServiceUtil.getLayout(plid);
126 
127             groupId = layout.getGroupId();
128             name = PortletConstants.getRootPortletId(portletId);
129             primKey = getPrimaryKey(plid, portletId);
130 
131             if ((layout.isPrivateLayout() &&
132                  !PropsValues.LAYOUT_USER_PRIVATE_LAYOUTS_MODIFIABLE) ||
133                 (layout.isPublicLayout() &&
134                  !PropsValues.LAYOUT_USER_PUBLIC_LAYOUTS_MODIFIABLE)) {
135 
136                 if (actionId.equals(ActionKeys.CONFIGURATION)) {
137                     Group group = GroupLocalServiceUtil.getGroup(
138                         layout.getGroupId());
139 
140                     if (group.isUser()) {
141                         return false;
142                     }
143                 }
144             }
145 
146             if (actionId.equals(ActionKeys.VIEW)) {
147                 Group group = GroupLocalServiceUtil.getGroup(
148                     layout.getGroupId());
149 
150                 if (group.isControlPanel()) {
151                     return true;
152                 }
153             }
154 
155             if (!strict) {
156                 if (LayoutPermissionUtil.contains(
157                         permissionChecker, groupId, layout.isPrivateLayout(),
158                         layout.getLayoutId(), ActionKeys.UPDATE) &&
159                     hasLayoutManagerPermission(portletId, actionId)) {
160 
161                     return true;
162                 }
163             }
164         }
165         else {
166             name = portletId;
167             primKey = portletId;
168         }
169 
170         return permissionChecker.hasPermission(
171             groupId, name, primKey, actionId);
172     }
173 
174     public boolean contains(
175             PermissionChecker permissionChecker, String portletId,
176             String actionId)
177         throws PortalException, SystemException {
178 
179         return contains(permissionChecker, 0, portletId, actionId);
180     }
181 
182     public String getPrimaryKey(long plid, String portletId) {
183         return String.valueOf(plid).concat(
184             PortletConstants.LAYOUT_SEPARATOR).concat(portletId);
185     }
186 
187     public boolean hasLayoutManagerPermission(
188         String portletId, String actionId) {
189 
190         try {
191             return hasLayoutManagerPermissionImpl(portletId, actionId);
192         }
193         catch (Exception e) {
194             _log.error(e, e);
195 
196             return false;
197         }
198     }
199 
200     protected boolean hasLayoutManagerPermissionImpl(
201         String portletId, String actionId) {
202 
203         portletId = PortletConstants.getRootPortletId(portletId);
204 
205         List<String> layoutManagerActions =
206             ResourceActionsUtil.getPortletResourceLayoutManagerActions(
207                 portletId);
208 
209         return layoutManagerActions.contains(actionId);
210     }
211 
212     private static Log _log = LogFactoryUtil.getLog(
213         PortletPermissionImpl.class);
214 
215 }