Search in sources :

Example 1 with PermissionChecker

use of com.liferay.portal.security.permission.PermissionChecker in project liferay-ide by liferay.

the class WebServerServlet method service.

@Override
public void service(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
    User user = null;
    try {
        user = _getUser(request);
        PrincipalThreadLocal.setName(user.getUserId());
        PrincipalThreadLocal.setPassword(PortalUtil.getUserPassword(request));
        PermissionChecker permissionChecker = PermissionCheckerFactoryUtil.create(user, true);
        PermissionThreadLocal.setPermissionChecker(permissionChecker);
        if (_lastModified) {
            long lastModified = getLastModified(request);
            if (lastModified > 0) {
                long ifModifiedSince = request.getDateHeader(HttpHeaders.IF_MODIFIED_SINCE);
                if ((ifModifiedSince > 0) && (ifModifiedSince == lastModified)) {
                    response.setStatus(HttpServletResponse.SC_NOT_MODIFIED);
                    return;
                }
            }
            if (lastModified > 0) {
                response.setDateHeader(HttpHeaders.LAST_MODIFIED, lastModified);
            }
        }
        String path = HttpUtil.fixPath(request.getPathInfo());
        String[] pathArray = StringUtil.split(path, CharPool.SLASH);
        if (pathArray.length == 0) {
            sendGroups(response, user, request.getServletPath() + StringPool.SLASH + path);
        } else {
            if (_PATH_DDL.equals(pathArray[0])) {
                sendDDLRecordFile(request, response, pathArray);
            } else if (Validator.isNumber(pathArray[0])) {
                sendFile(request, response, user, pathArray);
            } else {
                if (isLegacyImageGalleryImageId(request, response)) {
                    return;
                }
                Image image = getImage(request, true);
                if (image != null) {
                    writeImage(image, request, response);
                } else {
                    sendDocumentLibrary(request, response, user, request.getServletPath() + StringPool.SLASH + path, pathArray);
                }
            }
        }
    } catch (NoSuchFileEntryException nsfee) {
        PortalUtil.sendError(HttpServletResponse.SC_NOT_FOUND, nsfee, request, response);
    } catch (PrincipalException pe) {
        processPrincipalException(pe, user, request, response);
    } catch (Exception e) {
        PortalUtil.sendError(e, request, response);
    }
}
Also used : User(com.liferay.portal.model.User) PrincipalException(com.liferay.portal.security.auth.PrincipalException) PermissionChecker(com.liferay.portal.security.permission.PermissionChecker) NoSuchFileEntryException(com.liferay.portlet.documentlibrary.NoSuchFileEntryException) Image(com.liferay.portal.model.Image) RenderedImage(java.awt.image.RenderedImage) ServletException(javax.servlet.ServletException) RepositoryException(com.liferay.portal.kernel.repository.RepositoryException) NoSuchFileEntryException(com.liferay.portlet.documentlibrary.NoSuchFileEntryException) NoSuchFolderException(com.liferay.portlet.documentlibrary.NoSuchFolderException) PrincipalException(com.liferay.portal.security.auth.PrincipalException) PortalException(com.liferay.portal.kernel.exception.PortalException) SystemException(com.liferay.portal.kernel.exception.SystemException) IOException(java.io.IOException) NoSuchGroupException(com.liferay.portal.NoSuchGroupException)

Example 2 with PermissionChecker

use of com.liferay.portal.security.permission.PermissionChecker in project liferay-ide by liferay.

the class MeetupsPortlet method deleteMeetupsEntry.

public void deleteMeetupsEntry(ActionRequest actionRequest, ActionResponse actionResponse) throws Exception {
    ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute(WebKeys.THEME_DISPLAY);
    PermissionChecker permissionChecker = themeDisplay.getPermissionChecker();
    if (!permissionChecker.isCompanyAdmin()) {
        return;
    }
    long meetupsEntryId = ParamUtil.getLong(actionRequest, "meetupsEntryId");
    MeetupsEntryLocalServiceUtil.deleteMeetupsEntry(meetupsEntryId);
}
Also used : PermissionChecker(com.liferay.portal.security.permission.PermissionChecker) ThemeDisplay(com.liferay.portal.theme.ThemeDisplay)

Example 3 with PermissionChecker

use of com.liferay.portal.security.permission.PermissionChecker in project liferay-ide by liferay.

the class EditorPortlet method updateGadget.

@Override
public void updateGadget(ActionRequest actionRequest, ActionResponse actionResponse) throws Exception {
    ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute(WebKeys.THEME_DISPLAY);
    PermissionChecker permissionChecker = themeDisplay.getPermissionChecker();
    long groupId = themeDisplay.getScopeGroupId();
    String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
    if (cmd.equals(Constants.ADD)) {
        GadgetPermission.check(permissionChecker, groupId, ActionKeys.PUBLISH_GADGET);
        Gadget gadget = doAddGadget(actionRequest, actionResponse);
        String publishGadgetRedirect = ParamUtil.getString(actionRequest, "publishGadgetRedirect");
        boolean unpublishPermission = GadgetPermission.contains(permissionChecker, groupId, gadget.getGadgetId(), ActionKeys.DELETE);
        publishGadgetRedirect = HttpUtil.addParameter(publishGadgetRedirect, "unpublishPermission", unpublishPermission);
        publishGadgetRedirect = HttpUtil.addParameter(publishGadgetRedirect, "gadgetId", gadget.getGadgetId());
        actionResponse.sendRedirect(publishGadgetRedirect);
    } else {
        long gadgetId = ParamUtil.getLong(actionRequest, "gadgetId");
        GadgetPermission.check(permissionChecker, groupId, gadgetId, ActionKeys.UPDATE);
        doUpdateGadget(actionRequest, actionResponse);
    }
}
Also used : Gadget(com.liferay.opensocial.model.Gadget) PermissionChecker(com.liferay.portal.security.permission.PermissionChecker) ThemeDisplay(com.liferay.portal.theme.ThemeDisplay)

Example 4 with PermissionChecker

use of com.liferay.portal.security.permission.PermissionChecker in project liferay-ide by liferay.

the class EditorPortlet method serveGetFolderChildren.

protected void serveGetFolderChildren(ResourceRequest resourceRequest, ResourceResponse resourceResponse) throws Exception {
    ThemeDisplay themeDisplay = (ThemeDisplay) resourceRequest.getAttribute(WebKeys.THEME_DISPLAY);
    long repositoryId = ParamUtil.getLong(resourceRequest, "repositoryId");
    long folderId = ParamUtil.getLong(resourceRequest, "folderId");
    List<Folder> folders = DLAppServiceUtil.getFolders(repositoryId, folderId);
    folders = ListUtil.sort(folders, new RepositoryModelNameComparator(true));
    JSONArray jsonArray = JSONFactoryUtil.createJSONArray();
    for (Folder folder : folders) {
        JSONObject jsonObject = JSONFactoryUtil.createJSONObject();
        jsonObject.put("entryId", folder.getFolderId());
        jsonObject.put("label", folder.getName());
        jsonObject.put("leaf", false);
        jsonObject.put("type", "editor");
        jsonArray.put(jsonObject);
    }
    boolean getFileEntries = ParamUtil.getBoolean(resourceRequest, "getFileEntries");
    if (getFileEntries) {
        PermissionChecker permissionChecker = themeDisplay.getPermissionChecker();
        List<FileEntry> fileEntries = DLAppServiceUtil.getFileEntries(repositoryId, folderId);
        fileEntries = ListUtil.sort(fileEntries, new RepositoryModelNameComparator(true));
        for (FileEntry fileEntry : fileEntries) {
            JSONObject jsonObject = JSONFactoryUtil.createJSONObject();
            jsonObject.put("entryId", fileEntry.getFileEntryId());
            String portalURL = PortalUtil.getPortalURL(themeDisplay);
            String fileEntryURL = ShindigUtil.getFileEntryURL(portalURL, fileEntry.getFileEntryId());
            jsonObject.put("fileEntryURL", fileEntryURL);
            long gadgetId = 0;
            try {
                Gadget gadget = GadgetLocalServiceUtil.getGadget(themeDisplay.getCompanyId(), fileEntryURL);
                gadgetId = gadget.getGadgetId();
            } catch (Exception e) {
            }
            jsonObject.put("gadgetId", gadgetId);
            jsonObject.put("label", fileEntry.getTitle());
            jsonObject.put("leaf", true);
            JSONObject jsonPermissions = JSONFactoryUtil.createJSONObject();
            if (gadgetId > 0) {
                boolean unpublishPermission = GadgetPermission.contains(permissionChecker, themeDisplay.getScopeGroupId(), gadgetId, ActionKeys.DELETE);
                jsonPermissions.put("unpublishPermission", unpublishPermission);
            }
            jsonObject.put("permissions", jsonPermissions);
            jsonObject.put("type", "editor");
            jsonArray.put(jsonObject);
        }
    }
    writeJSON(resourceRequest, resourceResponse, jsonArray);
}
Also used : Gadget(com.liferay.opensocial.model.Gadget) JSONArray(com.liferay.portal.kernel.json.JSONArray) Folder(com.liferay.portal.kernel.repository.model.Folder) IOException(java.io.IOException) PortletException(javax.portlet.PortletException) RepositoryModelNameComparator(com.liferay.portlet.documentlibrary.util.comparator.RepositoryModelNameComparator) JSONObject(com.liferay.portal.kernel.json.JSONObject) PermissionChecker(com.liferay.portal.security.permission.PermissionChecker) FileEntry(com.liferay.portal.kernel.repository.model.FileEntry) ThemeDisplay(com.liferay.portal.theme.ThemeDisplay)

Example 5 with PermissionChecker

use of com.liferay.portal.security.permission.PermissionChecker in project liferay-ide by liferay.

the class SearchPermissionCheckerImpl method doGetPermissionQuery.

protected Query doGetPermissionQuery(long companyId, long[] groupIds, long userId, String className, Query query, SearchContext searchContext) throws Exception {
    Indexer indexer = IndexerRegistryUtil.getIndexer(className);
    if (!indexer.isPermissionAware()) {
        return query;
    }
    PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();
    AdvancedPermissionChecker advancedPermissionChecker = null;
    if ((permissionChecker != null) && (permissionChecker instanceof AdvancedPermissionChecker)) {
        advancedPermissionChecker = (AdvancedPermissionChecker) permissionChecker;
    }
    if (advancedPermissionChecker == null) {
        return query;
    }
    PermissionCheckerBag permissionCheckerBag = getPermissionCheckerBag(advancedPermissionChecker, userId);
    if (permissionCheckerBag == null) {
        return query;
    }
    List<Group> groups = new UniqueList<Group>();
    List<Role> roles = new UniqueList<Role>();
    List<UserGroupRole> userGroupRoles = new UniqueList<UserGroupRole>();
    Map<Long, List<Role>> groupIdsToRoles = new HashMap<Long, List<Role>>();
    roles.addAll(permissionCheckerBag.getRoles());
    if (ArrayUtil.isEmpty(groupIds)) {
        groups.addAll(GroupLocalServiceUtil.getUserGroups(userId, true));
        groups.addAll(permissionCheckerBag.getGroups());
        userGroupRoles = UserGroupRoleLocalServiceUtil.getUserGroupRoles(userId);
    } else {
        groups.addAll(permissionCheckerBag.getGroups());
        for (long groupId : groupIds) {
            if (GroupLocalServiceUtil.hasUserGroup(userId, groupId)) {
                Group group = GroupLocalServiceUtil.getGroup(groupId);
                groups.add(group);
            }
            userGroupRoles.addAll(UserGroupRoleLocalServiceUtil.getUserGroupRoles(userId, groupId));
            userGroupRoles.addAll(UserGroupRoleLocalServiceUtil.getUserGroupRolesByUserUserGroupAndGroup(userId, groupId));
        }
    }
    if (advancedPermissionChecker.isSignedIn()) {
        roles.add(RoleLocalServiceUtil.getRole(companyId, RoleConstants.GUEST));
    }
    for (Group group : groups) {
        PermissionCheckerBag userBag = advancedPermissionChecker.getUserBag(userId, group.getGroupId());
        List<Role> groupRoles = userBag.getRoles();
        groupIdsToRoles.put(group.getGroupId(), groupRoles);
        roles.addAll(groupRoles);
    }
    return doGetPermissionQuery_6(companyId, groupIds, userId, className, query, searchContext, advancedPermissionChecker, groups, roles, userGroupRoles, groupIdsToRoles);
}
Also used : UserGroupRole(com.liferay.portal.model.UserGroupRole) Group(com.liferay.portal.model.Group) HashMap(java.util.HashMap) PermissionCheckerBag(com.liferay.portal.security.permission.PermissionCheckerBag) UniqueList(com.liferay.portal.kernel.util.UniqueList) UserGroupRole(com.liferay.portal.model.UserGroupRole) Role(com.liferay.portal.model.Role) Indexer(com.liferay.portal.kernel.search.Indexer) SearchPermissionChecker(com.liferay.portal.kernel.search.SearchPermissionChecker) PermissionChecker(com.liferay.portal.security.permission.PermissionChecker) AdvancedPermissionChecker(com.liferay.portal.security.permission.AdvancedPermissionChecker) AdvancedPermissionChecker(com.liferay.portal.security.permission.AdvancedPermissionChecker) ArrayList(java.util.ArrayList) UniqueList(com.liferay.portal.kernel.util.UniqueList) List(java.util.List)

Aggregations

PermissionChecker (com.liferay.portal.security.permission.PermissionChecker)16 ThemeDisplay (com.liferay.portal.theme.ThemeDisplay)10 IOException (java.io.IOException)3 Gadget (com.liferay.opensocial.model.Gadget)2 User (com.liferay.portal.model.User)2 ServletException (javax.servlet.ServletException)2 Calendar (com.liferay.calendar.model.Calendar)1 CalendarResource (com.liferay.calendar.model.CalendarResource)1 KBArticle (com.liferay.knowledgebase.model.KBArticle)1 NoSuchGroupException (com.liferay.portal.NoSuchGroupException)1 PortalException (com.liferay.portal.kernel.exception.PortalException)1 SystemException (com.liferay.portal.kernel.exception.SystemException)1 JSONArray (com.liferay.portal.kernel.json.JSONArray)1 JSONObject (com.liferay.portal.kernel.json.JSONObject)1 RepositoryException (com.liferay.portal.kernel.repository.RepositoryException)1 FileEntry (com.liferay.portal.kernel.repository.model.FileEntry)1 Folder (com.liferay.portal.kernel.repository.model.Folder)1 Indexer (com.liferay.portal.kernel.search.Indexer)1 SearchPermissionChecker (com.liferay.portal.kernel.search.SearchPermissionChecker)1 UploadPortletRequest (com.liferay.portal.kernel.upload.UploadPortletRequest)1