001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portal.security.permission;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.model.Group;
020    import com.liferay.portal.model.Organization;
021    import com.liferay.portal.model.OrganizationConstants;
022    import com.liferay.portal.model.Role;
023    import com.liferay.portal.model.RoleConstants;
024    import com.liferay.portal.service.OrganizationLocalServiceUtil;
025    import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
026    import com.liferay.portal.service.permission.LayoutPrototypePermissionUtil;
027    import com.liferay.portal.service.permission.LayoutSetPrototypePermissionUtil;
028    
029    import java.util.Arrays;
030    import java.util.HashMap;
031    import java.util.List;
032    import java.util.Map;
033    
034    /**
035     * @author Brian Wing Shun Chan
036     */
037    public class PermissionCheckerBagImpl implements PermissionCheckerBag {
038    
039            public PermissionCheckerBagImpl() {
040            }
041    
042            public PermissionCheckerBagImpl(
043                    long userId, List<Group> userGroups, List<Organization> userOrgs,
044                    List<Group> userOrgGroups, List<Group> userUserGroupGroups,
045                    List<Group> groups, List<Role> roles) {
046    
047                    _userId = userId;
048                    _userGroups = userGroups;
049                    _userOrgs = userOrgs;
050                    _userOrgGroups = userOrgGroups;
051                    _userUserGroupGroups = userUserGroupGroups;
052                    _groups = groups;
053                    _roles = roles;
054            }
055    
056            public List<Group> getGroups() {
057                    return _groups;
058            }
059    
060            public long[] getRoleIds() {
061                    if (_roleIds == null) {
062                            List<Role> roles = getRoles();
063    
064                            long[] roleIds = new long[roles.size()];
065    
066                            for (int i = 0; i < roles.size(); i++) {
067                                    Role role = roles.get(i);
068    
069                                    roleIds[i] = role.getRoleId();
070                            }
071    
072                            Arrays.sort(roleIds);
073    
074                            _roleIds = roleIds;
075                    }
076    
077                    return _roleIds;
078            }
079    
080            public List<Role> getRoles() {
081                    return _roles;
082            }
083    
084            public List<Group> getUserGroups() {
085                    return _userGroups;
086            }
087    
088            public List<Group> getUserOrgGroups() {
089                    return _userOrgGroups;
090            }
091    
092            public List<Organization> getUserOrgs() {
093                    return _userOrgs;
094            }
095    
096            public List<Group> getUserUserGroupGroups() {
097                    return _userUserGroupGroups;
098            }
099    
100            /**
101             * @deprecated As of 6.1, renamed to {@link #isGroupAdmin(PermissionChecker,
102             *             Group)}
103             */
104            public boolean isCommunityAdmin(
105                            PermissionChecker permissionChecker, Group group)
106                    throws Exception {
107    
108                    return isGroupAdmin(permissionChecker, group);
109            }
110    
111            /**
112             * @deprecated As of 6.1, renamed to {@link #isGroupOwner(PermissionChecker,
113             *             Group)}
114             */
115            public boolean isCommunityOwner(
116                            PermissionChecker permissionChecker, Group group)
117                    throws Exception {
118    
119                    return isGroupOwner(permissionChecker, group);
120            }
121    
122            public boolean isGroupAdmin(
123                            PermissionChecker permissionChecker, Group group)
124                    throws Exception {
125    
126                    Boolean value = _groupAdmins.get(group.getGroupId());
127    
128                    if (value == null) {
129                            value = Boolean.valueOf(isGroupAdminImpl(permissionChecker, group));
130    
131                            _groupAdmins.put(group.getGroupId(), value);
132                    }
133    
134                    return value.booleanValue();
135            }
136    
137            public boolean isGroupMember(
138                            PermissionChecker permissionChecker, Group group)
139                    throws Exception {
140    
141                    for (Role role : _roles) {
142                            String name = role.getName();
143    
144                            if (name.equals(RoleConstants.SITE_MEMBER)) {
145                                    return true;
146                            }
147                    }
148    
149                    return false;
150            }
151    
152            public boolean isGroupOwner(
153                            PermissionChecker permissionChecker, Group group)
154                    throws Exception {
155    
156                    Boolean value = _groupOwners.get(group.getGroupId());
157    
158                    if (value == null) {
159                            value = Boolean.valueOf(isGroupOwnerImpl(permissionChecker, group));
160    
161                            _groupOwners.put(group.getGroupId(), value);
162                    }
163    
164                    return value.booleanValue();
165            }
166    
167            public boolean isOrganizationAdmin(
168                            PermissionChecker permissionChecker, Organization organization)
169                    throws Exception {
170    
171                    Boolean value = _organizationAdmins.get(
172                            organization.getOrganizationId());
173    
174                    if (value == null) {
175                            value = Boolean.valueOf(
176                                    isOrganizationAdminImpl(permissionChecker, organization));
177    
178                            _organizationAdmins.put(organization.getOrganizationId(), value);
179                    }
180    
181                    return value.booleanValue();
182            }
183    
184            protected boolean isGroupAdminImpl(
185                            PermissionChecker permissionChecker, Group group)
186                    throws PortalException, SystemException {
187    
188                    if (group.isSite()) {
189                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
190                                            _userId, group.getGroupId(),
191                                            RoleConstants.SITE_ADMINISTRATOR, true) ||
192                                    UserGroupRoleLocalServiceUtil.hasUserGroupRole(
193                                            _userId, group.getGroupId(), RoleConstants.SITE_OWNER,
194                                            true)) {
195    
196                                    return true;
197                            }
198                    }
199    
200                    if (group.isCompany()) {
201                            if (permissionChecker.isCompanyAdmin()) {
202                                    return true;
203                            }
204                            else {
205                                    return false;
206                            }
207                    }
208                    else if (group.isLayoutPrototype()) {
209                            if (LayoutPrototypePermissionUtil.contains(
210                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
211    
212                                    return true;
213                            }
214                            else {
215                                    return false;
216                            }
217                    }
218                    else if (group.isLayoutSetPrototype()) {
219                            if (LayoutSetPrototypePermissionUtil.contains(
220                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
221    
222                                    return true;
223                            }
224                            else {
225                                    return false;
226                            }
227                    }
228                    else if (group.isOrganization()) {
229                            long organizationId = group.getOrganizationId();
230    
231                            while (organizationId !=
232                                                    OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
233    
234                                    Organization organization =
235                                            OrganizationLocalServiceUtil.getOrganization(
236                                                    organizationId);
237    
238                                    Group organizationGroup = organization.getGroup();
239    
240                                    long organizationGroupId = organizationGroup.getGroupId();
241    
242                                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
243                                                    _userId, organizationGroupId,
244                                                    RoleConstants.ORGANIZATION_ADMINISTRATOR, true) ||
245                                            UserGroupRoleLocalServiceUtil.hasUserGroupRole(
246                                                    _userId, organizationGroupId,
247                                                    RoleConstants.ORGANIZATION_OWNER, true)) {
248    
249                                            return true;
250                                    }
251    
252                                    organizationId = organization.getParentOrganizationId();
253                            }
254                    }
255    
256                    return false;
257            }
258    
259            protected boolean isGroupOwnerImpl(
260                            PermissionChecker permissionChecker, Group group)
261                    throws PortalException, SystemException {
262    
263                    if (group.isSite()) {
264                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
265                                            _userId, group.getGroupId(), RoleConstants.SITE_OWNER,
266                                            true)) {
267    
268                                    return true;
269                            }
270                    }
271    
272                    if (group.isLayoutPrototype()) {
273                            if (LayoutPrototypePermissionUtil.contains(
274                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
275    
276                                    return true;
277                            }
278                            else {
279                                    return false;
280                            }
281                    }
282                    else if (group.isLayoutSetPrototype()) {
283                            if (LayoutSetPrototypePermissionUtil.contains(
284                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
285    
286                                    return true;
287                            }
288                            else {
289                                    return false;
290                            }
291                    }
292                    else if (group.isOrganization()) {
293                            long organizationId = group.getOrganizationId();
294    
295                            while (organizationId !=
296                                                    OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
297    
298                                    Organization organization =
299                                            OrganizationLocalServiceUtil.getOrganization(
300                                                    organizationId);
301    
302                                    Group organizationGroup = organization.getGroup();
303    
304                                    long organizationGroupId = organizationGroup.getGroupId();
305    
306                                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
307                                                    _userId, organizationGroupId,
308                                                    RoleConstants.ORGANIZATION_OWNER, true)) {
309    
310                                            return true;
311                                    }
312    
313                                    organizationId = organization.getParentOrganizationId();
314                            }
315                    }
316                    else if (group.isUser()) {
317                            long userId = group.getClassPK();
318    
319                            if (userId == _userId) {
320                                    return true;
321                            }
322                    }
323    
324                    return false;
325            }
326    
327            protected boolean isOrganizationAdminImpl(
328                            PermissionChecker permissionChecker, Organization organization)
329                    throws PortalException, SystemException {
330    
331                    while (organization != null) {
332                            Group organizationGroup = organization.getGroup();
333    
334                            long organizationGroupId = organizationGroup.getGroupId();
335    
336                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
337                                            _userId, organizationGroupId,
338                                            RoleConstants.ORGANIZATION_ADMINISTRATOR, true) ||
339                                    UserGroupRoleLocalServiceUtil.hasUserGroupRole(
340                                            _userId, organizationGroupId,
341                                            RoleConstants.ORGANIZATION_OWNER, true)) {
342    
343                                    return true;
344                            }
345    
346                            organization = organization.getParentOrganization();
347                    }
348    
349                    return false;
350            }
351    
352            private Map<Long, Boolean> _groupAdmins = new HashMap<Long, Boolean>();
353            private Map<Long, Boolean> _groupOwners = new HashMap<Long, Boolean>();
354            private List<Group> _groups;
355            private Map<Long, Boolean> _organizationAdmins =
356                    new HashMap<Long, Boolean>();
357            private long[] _roleIds;
358            private List<Role> _roles;
359            private List<Group> _userGroups;
360            private long _userId;
361            private List<Group> _userOrgGroups;
362            private List<Organization> _userOrgs;
363            private List<Group> _userUserGroupGroups;
364    
365    }