001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portlet.admin.util;
016    
017    import com.liferay.portal.kernel.exception.SystemException;
018    import com.liferay.portal.kernel.log.Log;
019    import com.liferay.portal.kernel.log.LogFactoryUtil;
020    import com.liferay.portal.model.RoleConstants;
021    import com.liferay.portal.model.User;
022    import com.liferay.portal.security.auth.CompanyThreadLocal;
023    import com.liferay.portal.service.RoleLocalServiceUtil;
024    import com.liferay.portal.service.UserLocalServiceUtil;
025    import com.liferay.portal.util.PortalInstances;
026    import com.liferay.portal.util.PropsValues;
027    
028    /**
029     * Provides utility methods for determining if a user is a universal
030     * administrator. Universal administrators have administrator permissions in
031     * every company.
032     *
033     * <p>
034     * A user can be made a universal administrator by adding their primary key to
035     * the list in <code>portal.properties</code> under the key
036     * <code>omniadmin.users</key>. If this property is left blank, administrators
037     * of the default company will automatically be universal administrators.
038     * </p>
039     *
040     * @author Brian Wing Shun Chan
041     */
042    public class OmniadminUtil {
043    
044            public static boolean isOmniadmin(long userId) {
045                    try {
046                            User user = UserLocalServiceUtil.fetchUser(userId);
047    
048                            if (user == null) {
049                                    return false;
050                            }
051    
052                            return isOmniadmin(user);
053                    }
054                    catch (SystemException se) {
055                            return false;
056                    }
057            }
058    
059            public static boolean isOmniadmin(User user) {
060                    if (CompanyThreadLocal.getCompanyId() !=
061                                    PortalInstances.getDefaultCompanyId()) {
062    
063                            return false;
064                    }
065    
066                    long userId = user.getUserId();
067    
068                    if (userId <= 0) {
069                            return false;
070                    }
071    
072                    try {
073                            if (PropsValues.OMNIADMIN_USERS.length > 0) {
074                                    for (int i = 0; i < PropsValues.OMNIADMIN_USERS.length; i++) {
075                                            if (PropsValues.OMNIADMIN_USERS[i] == userId) {
076                                                    if (user.getCompanyId() !=
077                                                                    PortalInstances.getDefaultCompanyId()) {
078    
079                                                            return false;
080                                                    }
081    
082                                                    return true;
083                                            }
084                                    }
085    
086                                    return false;
087                            }
088    
089                            if (user.getCompanyId() !=
090                                            PortalInstances.getDefaultCompanyId()) {
091    
092                                    return false;
093                            }
094    
095                            return RoleLocalServiceUtil.hasUserRole(
096                                    userId, user.getCompanyId(), RoleConstants.ADMINISTRATOR, true);
097                    }
098                    catch (Exception e) {
099                            _log.error(e);
100    
101                            return false;
102                    }
103            }
104    
105            private static Log _log = LogFactoryUtil.getLog(OmniadminUtil.class);
106    
107    }