コード例 #1
0
  @Override
  public void checkControlPanelPortletPreferences(ThemeDisplay themeDisplay, Portlet portlet)
      throws PortalException {

    Layout layout = themeDisplay.getLayout();

    Group group = layout.getGroup();

    if (!group.isControlPanel()) {
      return;
    }

    String portletId = portlet.getPortletId();

    boolean hasControlPanelAccessPermission =
        PortletPermissionUtil.hasControlPanelAccessPermission(
            themeDisplay.getPermissionChecker(), themeDisplay.getScopeGroupId(), portletId);

    if (!hasControlPanelAccessPermission) {
      return;
    }

    PortletPreferences portletSetup = getStrictLayoutPortletSetup(layout, portletId);

    if (portletSetup instanceof StrictPortletPreferencesImpl) {
      getLayoutPortletSetup(layout, portletId);
    }

    if (portlet.isInstanceable()) {
      return;
    }

    PortletPreferencesIds portletPreferencesIds =
        getPortletPreferencesIds(
            themeDisplay.getScopeGroupId(), themeDisplay.getUserId(), layout, portletId, false);

    PortletPreferences portletPreferences =
        PortletPreferencesLocalServiceUtil.fetchPreferences(portletPreferencesIds);

    if (portletPreferences != null) {
      return;
    }

    PortletPreferencesLocalServiceUtil.getPreferences(portletPreferencesIds);
  }
コード例 #2
0
  protected boolean isViewableGroup(
      PermissionChecker permissionChecker,
      Layout layout,
      String controlPanelCategory,
      boolean checkResourcePermission)
      throws PortalException, SystemException {

    Group group = GroupLocalServiceUtil.getGroup(layout.getGroupId());

    // Inactive sites are not viewable

    if (!group.isActive()) {
      return false;
    } else if (group.isStagingGroup()) {
      Group liveGroup = group.getLiveGroup();

      if (!liveGroup.isActive()) {
        return false;
      }
    }

    // User private layouts are only viewable by the user and anyone who can
    // update the user. The user must also be active.

    if (group.isUser()) {
      long groupUserId = group.getClassPK();

      if (groupUserId == permissionChecker.getUserId()) {
        return true;
      }

      User groupUser = UserLocalServiceUtil.getUserById(groupUserId);

      if (!groupUser.isActive()) {
        return false;
      }

      if (layout.isPrivateLayout()) {
        if (GroupPermissionUtil.contains(
                permissionChecker, groupUser.getGroupId(), ActionKeys.MANAGE_LAYOUTS)
            || UserPermissionUtil.contains(
                permissionChecker,
                groupUserId,
                groupUser.getOrganizationIds(),
                ActionKeys.UPDATE)) {

          return true;
        }

        return false;
      }
    }

    // If the current group is staging, only users with editorial rights
    // can access it

    if (group.isStagingGroup()) {
      if (GroupPermissionUtil.contains(
          permissionChecker, group.getGroupId(), ActionKeys.VIEW_STAGING)) {

        return true;
      }

      return false;
    }

    // Control panel layouts are only viewable by authenticated users

    if (group.isControlPanel()) {
      if (!permissionChecker.isSignedIn()) {
        return false;
      }

      if (PortalPermissionUtil.contains(permissionChecker, ActionKeys.VIEW_CONTROL_PANEL)) {

        return true;
      }

      if (Validator.isNotNull(controlPanelCategory)) {
        return true;
      }

      return false;
    }

    // Site layouts are only viewable by users who are members of the site
    // or by users who can update the site

    if (group.isSite()) {
      if (GroupPermissionUtil.contains(
              permissionChecker, group.getGroupId(), ActionKeys.MANAGE_LAYOUTS)
          || GroupPermissionUtil.contains(
              permissionChecker, group.getGroupId(), ActionKeys.UPDATE)) {

        return true;
      }

      if (layout.isPrivateLayout() && !permissionChecker.isGroupMember(group.getGroupId())) {

        return false;
      }
    }

    // Organization site layouts are also viewable by users who belong to
    // the organization or by users who can update organization

    if (group.isCompany()) {
      return false;
    } else if (group.isLayoutPrototype()) {
      if (LayoutPrototypePermissionUtil.contains(
          permissionChecker, group.getClassPK(), ActionKeys.VIEW)) {

        return true;
      }

      return false;
    } else if (group.isLayoutSetPrototype()) {
      if (LayoutSetPrototypePermissionUtil.contains(
          permissionChecker, group.getClassPK(), ActionKeys.VIEW)) {

        return true;
      }

      return false;
    } else if (group.isOrganization()) {
      long organizationId = group.getOrganizationId();

      if (OrganizationLocalServiceUtil.hasUserOrganization(
          permissionChecker.getUserId(), organizationId, false, false)) {

        return true;
      } else if (OrganizationPermissionUtil.contains(
          permissionChecker, organizationId, ActionKeys.UPDATE)) {

        return true;
      }

      if (!PropsValues.ORGANIZATIONS_MEMBERSHIP_STRICT) {
        List<Organization> userOrgs =
            OrganizationLocalServiceUtil.getUserOrganizations(permissionChecker.getUserId());

        for (Organization organization : userOrgs) {
          for (Organization ancestorOrganization : organization.getAncestors()) {

            if (organizationId == ancestorOrganization.getOrganizationId()) {

              return true;
            }
          }
        }
      }
    } else if (group.isUserGroup()) {
      if (UserGroupPermissionUtil.contains(
          permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {

        return true;
      }
    }

    // Only check the actual Layout if all of the above failed

    if (containsWithoutViewableGroup(
        permissionChecker, layout, controlPanelCategory, ActionKeys.VIEW)) {

      return true;
    }

    // As a last resort, check if any top level pages are viewable by the
    // user

    List<Layout> layouts =
        LayoutLocalServiceUtil.getLayouts(
            layout.getGroupId(),
            layout.isPrivateLayout(),
            LayoutConstants.DEFAULT_PARENT_LAYOUT_ID);

    for (Layout curLayout : layouts) {
      if (!curLayout.isHidden()
          && containsWithoutViewableGroup(
              permissionChecker, curLayout, controlPanelCategory, ActionKeys.VIEW)) {

        return true;
      }
    }

    return false;
  }