Пример #1
0
  public static String getLayoutsJSON(
      HttpServletRequest request,
      long groupId,
      boolean privateLayout,
      long parentLayoutId,
      long[] expandedLayoutIds)
      throws Exception {

    ThemeDisplay themeDisplay = (ThemeDisplay) request.getAttribute(WebKeys.THEME_DISPLAY);

    JSONArray jsonArray = JSONFactoryUtil.createJSONArray();

    List<Layout> layoutAncestors = null;

    long selPlid = ParamUtil.getLong(request, "selPlid");

    if (selPlid != 0) {
      Layout selLayout = LayoutLocalServiceUtil.getLayout(selPlid);

      layoutAncestors = selLayout.getAncestors();
    }

    List<Layout> layouts = getLayouts(request, groupId, privateLayout, parentLayoutId);

    for (Layout layout : layouts) {
      JSONObject jsonObject = JSONFactoryUtil.createJSONObject();

      if ((layoutAncestors != null) && layoutAncestors.contains(layout)
          || ArrayUtil.contains(expandedLayoutIds, layout.getLayoutId())) {

        String childrenJSON = StringPool.BLANK;

        if (layout instanceof VirtualLayout) {
          VirtualLayout virtualLayout = (VirtualLayout) layout;

          childrenJSON =
              getLayoutsJSON(
                  request,
                  virtualLayout.getSourceGroupId(),
                  virtualLayout.getPrivateLayout(),
                  virtualLayout.getLayoutId(),
                  expandedLayoutIds);

        } else {
          childrenJSON =
              getLayoutsJSON(
                  request,
                  groupId,
                  layout.getPrivateLayout(),
                  layout.getLayoutId(),
                  expandedLayoutIds);
        }

        jsonObject.put("children", JSONFactoryUtil.createJSONArray(childrenJSON));
      }

      jsonObject.put("contentDisplayPage", layout.isContentDisplayPage());
      jsonObject.put("friendlyURL", layout.getFriendlyURL());

      if (layout instanceof VirtualLayout) {
        VirtualLayout virtualLayout = (VirtualLayout) layout;

        jsonObject.put("groupId", virtualLayout.getSourceGroupId());
      } else {
        jsonObject.put("groupId", layout.getGroupId());
      }

      jsonObject.put("hasChildren", layout.hasChildren());
      jsonObject.put("layoutId", layout.getLayoutId());
      jsonObject.put("name", layout.getName(themeDisplay.getLocale()));
      jsonObject.put("parentLayoutId", layout.getParentLayoutId());
      jsonObject.put("plid", layout.getPlid());
      jsonObject.put("priority", layout.getPriority());
      jsonObject.put("privateLayout", layout.isPrivateLayout());
      jsonObject.put("type", layout.getType());
      jsonObject.put("updateable", SitesUtil.isLayoutUpdateable(layout));
      jsonObject.put("uuid", layout.getUuid());

      LayoutRevision layoutRevision = LayoutStagingUtil.getLayoutRevision(layout);

      if (layoutRevision != null) {
        User user = themeDisplay.getUser();

        long recentLayoutSetBranchId =
            StagingUtil.getRecentLayoutSetBranchId(user, layout.getLayoutSet().getLayoutSetId());

        if (StagingUtil.isIncomplete(layout, recentLayoutSetBranchId)) {
          jsonObject.put("incomplete", true);
        }

        long layoutSetBranchId = layoutRevision.getLayoutSetBranchId();

        LayoutSetBranch layoutSetBranch =
            LayoutSetBranchLocalServiceUtil.getLayoutSetBranch(layoutSetBranchId);

        LayoutBranch layoutBranch = layoutRevision.getLayoutBranch();

        if (!layoutBranch.isMaster()) {
          jsonObject.put("layoutBranchId", layoutBranch.getLayoutBranchId());
          jsonObject.put("layoutBranchName", layoutBranch.getName());
        }

        jsonObject.put("layoutRevisionId", layoutRevision.getLayoutRevisionId());
        jsonObject.put("layoutSetBranchId", layoutSetBranchId);
        jsonObject.put("layoutSetBranchName", layoutSetBranch.getName());
      }

      jsonArray.put(jsonObject);
    }

    return jsonArray.toString();
  }
  public boolean containsWithoutViewableGroup(
      PermissionChecker permissionChecker,
      Layout layout,
      String controlPanelCategory,
      boolean checkLayoutUpdateable,
      String actionId)
      throws PortalException, SystemException {

    if (checkLayoutUpdateable
        && !actionId.equals(ActionKeys.CUSTOMIZE)
        && !actionId.equals(ActionKeys.VIEW)
        && (layout instanceof VirtualLayout)) {

      return false;
    }

    if (actionId.equals(ActionKeys.CUSTOMIZE) && (layout instanceof VirtualLayout)) {

      VirtualLayout virtualLayout = (VirtualLayout) layout;

      layout = virtualLayout.getWrappedModel();
    }

    if (actionId.equals(ActionKeys.DELETE) && !SitesUtil.isLayoutDeleteable(layout)) {

      return false;
    }

    Group group = layout.getGroup();

    if (checkLayoutUpdateable
        && !group.isLayoutSetPrototype()
        && isAttemptToModifyLockedLayout(layout, actionId)) {

      return false;
    }

    User user = UserLocalServiceUtil.getUserById(permissionChecker.getUserId());

    if ((PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6)
        && !user.isDefaultUser()
        && !group.isUser()) {

      // This is new way of doing an ownership check without having to
      // have a userId field on the model. When the instance model was
      // first created, we set the user's userId as the ownerId of the
      // individual scope ResourcePermission of the Owner Role.
      // Therefore, ownership can be determined by obtaining the Owner
      // role ResourcePermission for the current instance model and
      // testing it with the hasOwnerPermission call.

      ResourcePermission resourcePermission =
          ResourcePermissionLocalServiceUtil.getResourcePermission(
              layout.getCompanyId(),
              Layout.class.getName(),
              ResourceConstants.SCOPE_INDIVIDUAL,
              String.valueOf(layout.getPlid()),
              permissionChecker.getOwnerRoleId());

      if (permissionChecker.hasOwnerPermission(
          layout.getCompanyId(),
          Layout.class.getName(),
          String.valueOf(layout.getPlid()),
          resourcePermission.getOwnerId(),
          actionId)) {

        return true;
      }
    }

    if (GroupPermissionUtil.contains(
        permissionChecker, layout.getGroupId(), ActionKeys.MANAGE_LAYOUTS)) {

      return true;
    } else if (actionId.equals(ActionKeys.ADD_LAYOUT)
        && GroupPermissionUtil.contains(
            permissionChecker, layout.getGroupId(), ActionKeys.ADD_LAYOUT)) {

      return true;
    }

    if (PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE && !actionId.equals(ActionKeys.VIEW)) {

      // Check upward recursively to see if any pages above grant the
      // action

      long parentLayoutId = layout.getParentLayoutId();

      while (parentLayoutId != LayoutConstants.DEFAULT_PARENT_LAYOUT_ID) {
        Layout parentLayout =
            LayoutLocalServiceUtil.getLayout(
                layout.getGroupId(), layout.isPrivateLayout(), parentLayoutId);

        if (contains(permissionChecker, parentLayout, controlPanelCategory, actionId)) {

          return true;
        }

        parentLayoutId = parentLayout.getParentLayoutId();
      }
    }

    try {
      if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
        if (ResourcePermissionLocalServiceUtil.getResourcePermissionsCount(
                layout.getCompanyId(),
                Layout.class.getName(),
                ResourceConstants.SCOPE_INDIVIDUAL,
                String.valueOf(layout.getPlid()))
            == 0) {

          throw new NoSuchResourceException();
        }
      } else {
        ResourceLocalServiceUtil.getResource(
            layout.getCompanyId(),
            Layout.class.getName(),
            ResourceConstants.SCOPE_INDIVIDUAL,
            String.valueOf(layout.getPlid()));
      }
    } catch (NoSuchResourceException nsre) {
      boolean addGroupPermission = true;
      boolean addGuestPermission = true;

      if (layout.isPrivateLayout()) {
        addGuestPermission = false;
      }

      ResourceLocalServiceUtil.addResources(
          layout.getCompanyId(),
          layout.getGroupId(),
          0,
          Layout.class.getName(),
          layout.getPlid(),
          false,
          addGroupPermission,
          addGuestPermission);
    }

    return permissionChecker.hasPermission(
        layout.getGroupId(), Layout.class.getName(), layout.getPlid(), actionId);
  }