Implementing Permissions
Step 2 of 4
The last step introduced the concept of resources. Resources are data stored
with your entities that define how they can be accessed. For example, when the
configuration in your default.xml files is applied to your application’s
entities in the database, resources are created. These resources are then used
in conjunction with Liferay DXP’s permissions system to determine who can do what
to the entities.
Liferay DXP provides a complete API for managing resources that’s integrated with Service Builder. This API is injected into your implementation classes automatically. To manage the resources, all you must do is call the API in the service’s add and delete methods. Follow these steps to do this in your application:
-
In your
guestbook-servicemodule, openGuestbookLocalServiceImpl.javafrom thecom.liferay.docs.guestbook.service.implpackage. -
Just before the
addGuestbookmethod’sreturnstatement, add this code:resourceLocalService.addResources(user.getCompanyId(), groupId, userId, Guestbook.class.getName(), guestbookId, false, true, true);Note that the
resourceLocalServiceobject is already there, ready for you to use. This is one of several utilities that are injected automatically by Service Builder. You’ll see the rest in the future.This code adds a resource to Liferay DXP’s database to correspond with your entity (note that the
guestbookIdis included in the call). The three booleans at the end are settings. The first is whether to add portlet action permissions. This should only betrueif the permission is for a portlet resource. Since this permission is for a model resource (an entity), it’sfalse. The other two are settings for adding group and guest permissions. If you set these totrue, you’ll add the default permissions you defined in the permissions configuration file (default.xml) in the previous step. Since you definitely want to do this, these booleans are set totrue. -
Next, go to the
updateGuestbookmethod. Add a similar bit of code in betweenguestbookPersistence.update(guestbook);and thereturnstatement:resourceLocalService.updateResources(serviceContext.getCompanyId(), serviceContext.getScopeGroupId(), Guestbook.class.getName(), guestbookId, serviceContext.getGroupPermissions(), serviceContext.getGuestPermissions()); -
Now you’ll do the same for
deleteGuestbook. Add this code in betweenguestbook = deleteGuestbook(guestbook);and thereturnstatement:resourceLocalService.deleteResource(serviceContext.getCompanyId(), Guestbook.class.getName(), ResourceConstants.SCOPE_INDIVIDUAL, guestbookId); -
Hit [CTRL]+[SHIFT]+O to organize the imports and save the file.
-
Now you’ll add resources for the
Entryentity. OpenEntryLocalServiceImpl.javafrom the same package. ForaddEntry, add a line of code that adds resources for this entity, just before the return statement:resourceLocalService.addResources(user.getCompanyId(), groupId, userId, Entry.class.getName(), entryId, false, true, true); -
For
deleteEntry, add this code just before thereturnstatement:resourceLocalService.deleteResource( serviceContext.getCompanyId(), Entry.class.getName(), ResourceConstants.SCOPE_INDIVIDUAL, entryId); -
Finally, find
updateEntryand add its resource action, also just before thereturnstatement:resourceLocalService.updateResources( user.getCompanyId(), serviceContext.getScopeGroupId(), Entry.class.getName(), entryId, serviceContext.getGroupPermissions(), serviceContext.getGuestPermissions());
That’s all it takes to add permissions resources. Future entities added to the database are fully permissions-enabled. Note, however, that any entities you’ve already added to your Guestbook application in the portal don’t have resources and thus can’t be protected by permissions. You’ll fix this at the end of this section.
Next, you’ll create helper classes to make it easier to check permissions.