001: /**
002: * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
003: *
004: * Permission is hereby granted, free of charge, to any person obtaining a copy
005: * of this software and associated documentation files (the "Software"), to deal
006: * in the Software without restriction, including without limitation the rights
007: * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
008: * copies of the Software, and to permit persons to whom the Software is
009: * furnished to do so, subject to the following conditions:
010: *
011: * The above copyright notice and this permission notice shall be included in
012: * all copies or substantial portions of the Software.
013: *
014: * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
015: * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
016: * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
017: * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
018: * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
019: * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
020: * SOFTWARE.
021: */package com.liferay.portal.service.impl;
022:
023: import com.liferay.portal.PortalException;
024: import com.liferay.portal.SystemException;
025: import com.liferay.portal.kernel.security.permission.ActionKeys;
026: import com.liferay.portal.kernel.security.permission.PermissionChecker;
027: import com.liferay.portal.kernel.security.permission.PermissionCheckerBag;
028: import com.liferay.portal.kernel.util.GetterUtil;
029: import com.liferay.portal.model.Group;
030: import com.liferay.portal.model.Layout;
031: import com.liferay.portal.model.Resource;
032: import com.liferay.portal.model.Role;
033: import com.liferay.portal.model.User;
034: import com.liferay.portal.model.impl.PortletImpl;
035: import com.liferay.portal.security.auth.PrincipalException;
036: import com.liferay.portal.service.base.PermissionServiceBaseImpl;
037: import com.liferay.portal.service.permission.GroupPermissionUtil;
038: import com.liferay.portal.service.permission.PortletPermissionUtil;
039: import com.liferay.portal.service.permission.UserPermissionUtil;
040:
041: /**
042: * <a href="PermissionServiceImpl.java.html"><b><i>View Source</i></b></a>
043: *
044: * @author Brian Wing Shun Chan
045: *
046: */
047: public class PermissionServiceImpl extends PermissionServiceBaseImpl {
048:
049: public void checkPermission(long groupId, String name,
050: String primKey) throws PortalException, SystemException {
051:
052: checkPermission(getPermissionChecker(), groupId, name, primKey);
053: }
054:
055: public boolean hasGroupPermission(long groupId, String actionId,
056: long resourceId) throws PortalException, SystemException {
057:
058: return permissionLocalService.hasGroupPermission(groupId,
059: actionId, resourceId);
060: }
061:
062: public boolean hasUserPermission(long userId, String actionId,
063: long resourceId) throws PortalException, SystemException {
064:
065: return permissionLocalService.hasUserPermission(userId,
066: actionId, resourceId);
067: }
068:
069: public boolean hasUserPermissions(long userId, long groupId,
070: String actionId, long[] resourceIds,
071: PermissionCheckerBag permissionCheckerBag)
072: throws PortalException, SystemException {
073:
074: return permissionLocalService.hasUserPermissions(userId,
075: groupId, actionId, resourceIds, permissionCheckerBag);
076: }
077:
078: public void setGroupPermissions(long groupId, String[] actionIds,
079: long resourceId) throws PortalException, SystemException {
080:
081: checkPermission(getPermissionChecker(), groupId, resourceId);
082:
083: permissionLocalService.setGroupPermissions(groupId, actionIds,
084: resourceId);
085: }
086:
087: public void setGroupPermissions(String className, String classPK,
088: long groupId, String[] actionIds, long resourceId)
089: throws PortalException, SystemException {
090:
091: checkPermission(getPermissionChecker(), groupId, resourceId);
092:
093: permissionLocalService.setGroupPermissions(className, classPK,
094: groupId, actionIds, resourceId);
095: }
096:
097: public void setOrgGroupPermissions(long organizationId,
098: long groupId, String[] actionIds, long resourceId)
099: throws PortalException, SystemException {
100:
101: checkPermission(getPermissionChecker(), groupId, resourceId);
102:
103: permissionLocalService.setOrgGroupPermissions(organizationId,
104: groupId, actionIds, resourceId);
105: }
106:
107: public void setRolePermission(long roleId, long groupId,
108: String name, int scope, String primKey, String actionId)
109: throws PortalException, SystemException {
110:
111: checkPermission(getPermissionChecker(), groupId, Role.class
112: .getName(), roleId);
113:
114: permissionLocalService.setRolePermission(roleId, getUser()
115: .getCompanyId(), name, scope, primKey, actionId);
116: }
117:
118: public void setRolePermissions(long roleId, long groupId,
119: String[] actionIds, long resourceId)
120: throws PortalException, SystemException {
121:
122: checkPermission(getPermissionChecker(), groupId, resourceId);
123:
124: permissionLocalService.setRolePermissions(roleId, actionIds,
125: resourceId);
126: }
127:
128: public void setUserPermissions(long userId, long groupId,
129: String[] actionIds, long resourceId)
130: throws PortalException, SystemException {
131:
132: checkPermission(getPermissionChecker(), groupId, resourceId);
133:
134: permissionLocalService.setUserPermissions(userId, actionIds,
135: resourceId);
136: }
137:
138: public void unsetRolePermission(long roleId, long groupId,
139: long permissionId) throws SystemException, PortalException {
140:
141: checkPermission(getPermissionChecker(), groupId, Role.class
142: .getName(), roleId);
143:
144: permissionLocalService
145: .unsetRolePermission(roleId, permissionId);
146: }
147:
148: public void unsetRolePermission(long roleId, long groupId,
149: String name, int scope, String primKey, String actionId)
150: throws PortalException, SystemException {
151:
152: checkPermission(getPermissionChecker(), groupId, Role.class
153: .getName(), roleId);
154:
155: permissionLocalService.unsetRolePermission(roleId, getUser()
156: .getCompanyId(), name, scope, primKey, actionId);
157: }
158:
159: public void unsetRolePermissions(long roleId, long groupId,
160: String name, int scope, String actionId)
161: throws PortalException, SystemException {
162:
163: checkPermission(getPermissionChecker(), groupId, Role.class
164: .getName(), roleId);
165:
166: permissionLocalService.unsetRolePermissions(roleId, getUser()
167: .getCompanyId(), name, scope, actionId);
168: }
169:
170: public void unsetUserPermissions(long userId, long groupId,
171: String[] actionIds, long resourceId)
172: throws PortalException, SystemException {
173:
174: checkPermission(getPermissionChecker(), groupId, resourceId);
175:
176: permissionLocalService.unsetUserPermissions(userId, actionIds,
177: resourceId);
178: }
179:
180: protected void checkPermission(PermissionChecker permissionChecker,
181: long groupId, long resourceId) throws PortalException,
182: SystemException {
183:
184: Resource resource = resourcePersistence
185: .findByPrimaryKey(resourceId);
186:
187: checkPermission(permissionChecker, groupId, resource.getName(),
188: resource.getPrimKey().toString());
189: }
190:
191: protected void checkPermission(PermissionChecker permissionChecker,
192: long groupId, String name, long primKey)
193: throws PortalException, SystemException {
194:
195: checkPermission(permissionChecker, groupId, name, String
196: .valueOf(primKey));
197: }
198:
199: protected void checkPermission(PermissionChecker permissionChecker,
200: long groupId, String name, String primKey)
201: throws PortalException, SystemException {
202:
203: if (name.equals(Group.class.getName())) {
204: GroupPermissionUtil.check(permissionChecker, GetterUtil
205: .getLong(primKey), ActionKeys.PERMISSIONS);
206: } else if (name.equals(Layout.class.getName())) {
207: long plid = GetterUtil.getLong(primKey);
208:
209: Layout layout = layoutPersistence.findByPrimaryKey(plid);
210:
211: GroupPermissionUtil.check(permissionChecker, layout
212: .getGroupId(), ActionKeys.MANAGE_LAYOUTS);
213: } else if (name.equals(User.class.getName())) {
214: long userId = GetterUtil.getLong(primKey);
215:
216: User user = userPersistence.findByPrimaryKey(userId);
217:
218: UserPermissionUtil.check(permissionChecker, userId, user
219: .getOrganizationIds(), ActionKeys.PERMISSIONS);
220: } else if ((primKey != null)
221: && (primKey.indexOf(PortletImpl.LAYOUT_SEPARATOR) != -1)) {
222:
223: int pos = primKey.indexOf(PortletImpl.LAYOUT_SEPARATOR);
224:
225: long plid = GetterUtil.getLong(primKey.substring(0, pos));
226:
227: String portletId = primKey.substring(pos
228: + PortletImpl.LAYOUT_SEPARATOR.length(), primKey
229: .length());
230:
231: if (!PortletPermissionUtil.contains(permissionChecker,
232: plid, portletId, ActionKeys.CONFIGURATION)) {
233:
234: throw new PrincipalException();
235: }
236: } else if (!permissionChecker.hasPermission(groupId, name,
237: primKey, ActionKeys.PERMISSIONS)
238: && !permissionChecker.hasPermission(groupId, name,
239: primKey, ActionKeys.DEFINE_PERMISSIONS)) {
240:
241: throw new PrincipalException();
242: }
243: }
244:
245: }
|