| GroupPermissionImpl.java |
1 /**
2 * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3 *
4 * The contents of this file are subject to the terms of the Liferay Enterprise
5 * Subscription License ("License"). You may not use this file except in
6 * compliance with the License. You can obtain a copy of the License by
7 * contacting Liferay, Inc. See the License for the specific language governing
8 * permissions and limitations under the License, including but not limited to
9 * distribution rights of the Software.
10 *
11 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
12 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
14 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
15 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
16 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
17 * SOFTWARE.
18 */
19
20 package com.liferay.portal.service.permission;
21
22 import com.liferay.portal.PortalException;
23 import com.liferay.portal.SystemException;
24 import com.liferay.portal.model.Group;
25 import com.liferay.portal.model.Organization;
26 import com.liferay.portal.security.auth.PrincipalException;
27 import com.liferay.portal.security.permission.ActionKeys;
28 import com.liferay.portal.security.permission.PermissionChecker;
29 import com.liferay.portal.service.GroupLocalServiceUtil;
30 import com.liferay.portal.service.OrganizationLocalServiceUtil;
31
32 import java.util.List;
33
34 /**
35 * <a href="GroupPermissionImpl.java.html"><b><i>View Source</i></b></a>
36 *
37 * @author Brian Wing Shun Chan
38 *
39 */
40 public class GroupPermissionImpl implements GroupPermission {
41
42 public void check(
43 PermissionChecker permissionChecker, long groupId,
44 String actionId)
45 throws PortalException, SystemException {
46
47 if (!contains(permissionChecker, groupId, actionId)) {
48 throw new PrincipalException();
49 }
50 }
51
52 public boolean contains(
53 PermissionChecker permissionChecker, long groupId, String actionId)
54 throws PortalException, SystemException {
55
56 if (actionId.equals(ActionKeys.MANAGE_LAYOUTS)) {
57 Group group = GroupLocalServiceUtil.getGroup(groupId);
58
59 if (group.isOrganization()) {
60 long organizationId = group.getClassPK();
61
62 return OrganizationPermissionUtil.contains(
63 permissionChecker, organizationId, actionId);
64 }
65 else if (group.isUser()) {
66
67 // An individual user would never reach this block because he
68 // would be an administrator of his own layouts. However, a user
69 // who manages a set of organizations may be modifying pages of
70 // a user he manages.
71
72 long userId = group.getClassPK();
73
74 List<Organization> organizations =
75 OrganizationLocalServiceUtil.getUserOrganizations(
76 userId);
77
78 for (Organization organization : organizations) {
79 if (OrganizationPermissionUtil.contains(
80 permissionChecker, organization.getOrganizationId(),
81 ActionKeys.MANAGE_USERS)) {
82
83 return true;
84 }
85 }
86 }
87 }
88
89 // Group id must be set so that users can modify their personal pages
90
91 return permissionChecker.hasPermission(
92 groupId, Group.class.getName(), groupId, actionId);
93 }
94
95 }