Create Custom Permission and Show/Hide Content on the Basis of Permission by Using Permission Checker


Today we will discuss How to create our own Custom permission in Liferay and then Show or Hide content on the basis of Permission associated with the User. Also we create model level permission so that Permission can be apply to a particular Model. Before reading this you must know how to create Services for this you can read my previous blog Service Builder in Detail and how to create Role and assign user to that role for this you may refer Role Creation.

Lets Start this step by step:-

Step 1:-Create Project and service.xml
Create a Liferay Project and then create a generic Portlet in it.Then You can create service as mention in my previous article Service Builder in Detail .

service.xml






Step 2:-Create default.xml
Create a folder resource-actions inside src. Inside this folder create a xml file default.xml and paste this content:-

default.xml

Explanation :-

1) <portlet-resource>

  • Inside <portlet-resource></portlet-resource> tags we define permissions at Portlet Level. 
  • Inside <supports></supports> we define actions keys like ADD_EMPLOYEE.
  • View,Configuration,Add to page these permissions are already provided by liferay no need to define these again.
  • <guest-defaults> and <guest-unsupported> tags are used to define that guest User can see portlet or not. In this we disable guest unsupported so without login no one is able to see the portlet.

2) <model-resource>

  • Similar to portlet Resource but here permission is applied for model.
  • Inside <model-name> we pass the complete path of model class.


Step 3:-Provide entry of default.xml
We have to provide entry of default.xml to liferay so create portlet.properties file inside src and paste this content:-

include-and-override=portlet-ext.properties
language.bundle=content.Language
resource.actions.configs=resource-actions/default.xml

After that create a folder content and inside this create Language.properties in it and paste this:-

action.ADD_EMPLOYEE=Add Employee

Here note that we create permission with ADD_EMPLOYEE but map with action.ADD_EMPLOYEE because liferay create permission with prefix action.

Check Point:-

Deploy the project and go to control panel-->Roles-->Create New Role with name Custom Permission-->Go to define Permission and search for our Portlet  ie demo



As you can see we create two types of permission portlet level and model level also you can see that Configuration and Add to page automatically created at portlet level.Just Check Add Employee, Configuration and View and Click save.

Now you have a Role(Custom Permission) which contain 3 permissions. Now Create a User with name Custom and assign Role (Custom Permission) to it.

For Detail how to create a Role and Assign Permission just check my previous blog Here.

Step 4:-Check Permission in Controller Class
Open Demo.java Class and paste this Content:-

Demo.java


Explanation:-

Here we use PermissionChecker class hasPermission() which return boolean we print message on the basis of result. 

Note that We use permission that is mention in defaut.xml as ADD_EMPLOYEE rather than Add Employee which is mention in Language.property file.


Step 5:-Check Permission in view.jsp
Sometimes we Show/Hide Content on the basis of Permission in jsp so open view.jsp and paste this:-

view.jsp

Explanation


  • Here we use theme object which provide us portletDisplay and scopeGroupId objects.
  • Also we use JSTL so we have to provide entries in liferay-plugin-package.properties file.


Step 6:-Check Output
Now Deploy the project and hit the browser:-

Output 1:- When User not logged in



Because in default we disable view for Guest. ie
           <guest-unsupported>               
                <action-key>VIEW</action-key>
                <action-key>ADD_EMPLOYEE</action-key>
            </guest-unsupported>


Output 2:- When User logged in as Admin


On Console message appears as: Can Add Employees 

Output 3:- When User logged in as Custom(the user which has  Custom Permission role)
On Console message appears as: Can Not Add Employees

Now Only One thing is remain if you want to use Model level permission for role checking then you have to add resource each time you add model object and delete resource each time you delete model.So lets see how to add Resource and delete Resource with model.

Step 7(Optional):-Add/Delete Resource with model
Now open EmployeeLocalServiceImpl and create a method addEmployee and inside this use addResources. Syntax of addResources is:-

public void addResources( String companyId, String groupId, String userId, String name,
 String primKey, boolean portletActions,boolean addCommunityPermissions, boolean addGuestPermissions);

portletActions=>true(if you're adding portlet action permissions)
                          false(if you're adding Model resource permissions)

addCommunityPermissions=>Default permission for Group
addGuestPermissions=>Default permission for guest User.

So from your add method call it as:-

ResourceLocalServiceUtil.addResources(employee.getCompanyId(),  employee.getGroupId(), employee.getUserId(),Employee.class.getName(), employee.getEmployeeId(), false,  addCommunityPermissions, addGuestPermissions);

And From Delete method call it as:-

ResourceLocalServiceUtil.deleteResource(employee.getCompanyId(),  Employee.class.getName(),
Resource.SCOPE_INDIVIDUAL, employee.getEmployeeId);

Project Structure:-




You can Download Source code from Create Custom Permission in Liferay

Hope this will Help....





Related Post:-