コード例 #1
0
  @Test
  public void testUpdateExisting() throws Exception {
    long pk = ServiceTestUtil.nextLong();

    ResourcePermission newResourcePermission = _persistence.create(pk);

    newResourcePermission.setCompanyId(ServiceTestUtil.nextLong());

    newResourcePermission.setName(ServiceTestUtil.randomString());

    newResourcePermission.setScope(ServiceTestUtil.nextInt());

    newResourcePermission.setPrimKey(ServiceTestUtil.randomString());

    newResourcePermission.setRoleId(ServiceTestUtil.nextLong());

    newResourcePermission.setOwnerId(ServiceTestUtil.nextLong());

    newResourcePermission.setActionIds(ServiceTestUtil.nextLong());

    _persistence.update(newResourcePermission, false);

    ResourcePermission existingResourcePermission =
        _persistence.findByPrimaryKey(newResourcePermission.getPrimaryKey());

    Assert.assertEquals(
        existingResourcePermission.getResourcePermissionId(),
        newResourcePermission.getResourcePermissionId());
    Assert.assertEquals(
        existingResourcePermission.getCompanyId(), newResourcePermission.getCompanyId());
    Assert.assertEquals(existingResourcePermission.getName(), newResourcePermission.getName());
    Assert.assertEquals(existingResourcePermission.getScope(), newResourcePermission.getScope());
    Assert.assertEquals(
        existingResourcePermission.getPrimKey(), newResourcePermission.getPrimKey());
    Assert.assertEquals(existingResourcePermission.getRoleId(), newResourcePermission.getRoleId());
    Assert.assertEquals(
        existingResourcePermission.getOwnerId(), newResourcePermission.getOwnerId());
    Assert.assertEquals(
        existingResourcePermission.getActionIds(), newResourcePermission.getActionIds());
  }
コード例 #2
0
  public boolean containsWithoutViewableGroup(
      PermissionChecker permissionChecker,
      Layout layout,
      String controlPanelCategory,
      boolean checkLayoutUpdateable,
      String actionId)
      throws PortalException, SystemException {

    if (checkLayoutUpdateable
        && !actionId.equals(ActionKeys.CUSTOMIZE)
        && !actionId.equals(ActionKeys.VIEW)
        && (layout instanceof VirtualLayout)) {

      return false;
    }

    if (actionId.equals(ActionKeys.CUSTOMIZE) && (layout instanceof VirtualLayout)) {

      VirtualLayout virtualLayout = (VirtualLayout) layout;

      layout = virtualLayout.getWrappedModel();
    }

    if (actionId.equals(ActionKeys.DELETE) && !SitesUtil.isLayoutDeleteable(layout)) {

      return false;
    }

    Group group = layout.getGroup();

    if (checkLayoutUpdateable
        && !group.isLayoutSetPrototype()
        && isAttemptToModifyLockedLayout(layout, actionId)) {

      return false;
    }

    User user = UserLocalServiceUtil.getUserById(permissionChecker.getUserId());

    if ((PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6)
        && !user.isDefaultUser()
        && !group.isUser()) {

      // This is new way of doing an ownership check without having to
      // have a userId field on the model. When the instance model was
      // first created, we set the user's userId as the ownerId of the
      // individual scope ResourcePermission of the Owner Role.
      // Therefore, ownership can be determined by obtaining the Owner
      // role ResourcePermission for the current instance model and
      // testing it with the hasOwnerPermission call.

      ResourcePermission resourcePermission =
          ResourcePermissionLocalServiceUtil.getResourcePermission(
              layout.getCompanyId(),
              Layout.class.getName(),
              ResourceConstants.SCOPE_INDIVIDUAL,
              String.valueOf(layout.getPlid()),
              permissionChecker.getOwnerRoleId());

      if (permissionChecker.hasOwnerPermission(
          layout.getCompanyId(),
          Layout.class.getName(),
          String.valueOf(layout.getPlid()),
          resourcePermission.getOwnerId(),
          actionId)) {

        return true;
      }
    }

    if (GroupPermissionUtil.contains(
        permissionChecker, layout.getGroupId(), ActionKeys.MANAGE_LAYOUTS)) {

      return true;
    } else if (actionId.equals(ActionKeys.ADD_LAYOUT)
        && GroupPermissionUtil.contains(
            permissionChecker, layout.getGroupId(), ActionKeys.ADD_LAYOUT)) {

      return true;
    }

    if (PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE && !actionId.equals(ActionKeys.VIEW)) {

      // Check upward recursively to see if any pages above grant the
      // action

      long parentLayoutId = layout.getParentLayoutId();

      while (parentLayoutId != LayoutConstants.DEFAULT_PARENT_LAYOUT_ID) {
        Layout parentLayout =
            LayoutLocalServiceUtil.getLayout(
                layout.getGroupId(), layout.isPrivateLayout(), parentLayoutId);

        if (contains(permissionChecker, parentLayout, controlPanelCategory, actionId)) {

          return true;
        }

        parentLayoutId = parentLayout.getParentLayoutId();
      }
    }

    try {
      if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
        if (ResourcePermissionLocalServiceUtil.getResourcePermissionsCount(
                layout.getCompanyId(),
                Layout.class.getName(),
                ResourceConstants.SCOPE_INDIVIDUAL,
                String.valueOf(layout.getPlid()))
            == 0) {

          throw new NoSuchResourceException();
        }
      } else {
        ResourceLocalServiceUtil.getResource(
            layout.getCompanyId(),
            Layout.class.getName(),
            ResourceConstants.SCOPE_INDIVIDUAL,
            String.valueOf(layout.getPlid()));
      }
    } catch (NoSuchResourceException nsre) {
      boolean addGroupPermission = true;
      boolean addGuestPermission = true;

      if (layout.isPrivateLayout()) {
        addGuestPermission = false;
      }

      ResourceLocalServiceUtil.addResources(
          layout.getCompanyId(),
          layout.getGroupId(),
          0,
          Layout.class.getName(),
          layout.getPlid(),
          false,
          addGroupPermission,
          addGuestPermission);
    }

    return permissionChecker.hasPermission(
        layout.getGroupId(), Layout.class.getName(), layout.getPlid(), actionId);
  }