001
014
015 package com.liferay.portlet.workflowtasks.action;
016
017 import com.liferay.portal.kernel.util.ArrayUtil;
018 import com.liferay.portal.kernel.util.ParamUtil;
019 import com.liferay.portal.kernel.workflow.WorkflowTask;
020 import com.liferay.portal.kernel.workflow.WorkflowTaskAssignee;
021 import com.liferay.portal.kernel.workflow.WorkflowTaskManagerUtil;
022 import com.liferay.portal.model.Role;
023 import com.liferay.portal.model.User;
024 import com.liferay.portal.security.auth.PrincipalException;
025 import com.liferay.portal.security.permission.PermissionChecker;
026 import com.liferay.portal.theme.ThemeDisplay;
027 import com.liferay.portal.util.PortalUtil;
028 import com.liferay.portal.util.WebKeys;
029
030 import javax.portlet.PortletRequest;
031
032 import javax.servlet.http.HttpServletRequest;
033
034
037 public class ActionUtil {
038
039 public static void getWorkflowTask(HttpServletRequest request)
040 throws Exception {
041
042 long workflowTaskId = ParamUtil.getLong(request, "workflowTaskId");
043
044 WorkflowTask workflowTask = null;
045
046 if (workflowTaskId > 0) {
047 ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
048 WebKeys.THEME_DISPLAY);
049
050 PermissionChecker permissionChecker =
051 themeDisplay.getPermissionChecker();
052
053 workflowTask = WorkflowTaskManagerUtil.getWorkflowTask(
054 themeDisplay.getCompanyId(), workflowTaskId);
055
056 if (!hasViewPermission(
057 themeDisplay.getScopeGroupId(), workflowTask,
058 permissionChecker)) {
059
060 throw new PrincipalException(
061 "User " + permissionChecker.getUserId() +
062 " must have permission to perform action VIEW");
063 }
064 }
065
066 request.setAttribute(WebKeys.WORKFLOW_TASK, workflowTask);
067 }
068
069 public static void getWorkflowTask(PortletRequest portletRequest)
070 throws Exception {
071
072 HttpServletRequest request = PortalUtil.getHttpServletRequest(
073 portletRequest);
074
075 getWorkflowTask(request);
076 }
077
078 protected static boolean hasViewPermission(
079 long groupId, WorkflowTask workflowTask,
080 PermissionChecker permissionChecker) {
081
082 if (permissionChecker.isOmniadmin() ||
083 permissionChecker.isCompanyAdmin()) {
084
085 return true;
086 }
087
088 long[] roleIds = permissionChecker.getRoleIds(
089 permissionChecker.getUserId(), groupId);
090
091 for (WorkflowTaskAssignee workflowTaskAssignee :
092 workflowTask.getWorkflowTaskAssignees()) {
093
094 if (isWorkflowTaskAssignableToRoles(
095 workflowTaskAssignee, roleIds) ||
096 isWorkflowTaskAssignableToUser(
097 workflowTaskAssignee, permissionChecker.getUserId())) {
098
099 return true;
100 }
101 }
102
103 return false;
104 }
105
106 protected static boolean isWorkflowTaskAssignableToRoles(
107 WorkflowTaskAssignee workflowTaskAssignee, long[] roleIds) {
108
109 String assigneeClassName = workflowTaskAssignee.getAssigneeClassName();
110
111 if (!assigneeClassName.equals(Role.class.getName())) {
112 return false;
113 }
114
115 if (ArrayUtil.contains(
116 roleIds, workflowTaskAssignee.getAssigneeClassPK())) {
117
118 return true;
119 }
120
121 return false;
122 }
123
124 protected static boolean isWorkflowTaskAssignableToUser(
125 WorkflowTaskAssignee workflowTaskAssignee, long userId) {
126
127 String assigneeClassName = workflowTaskAssignee.getAssigneeClassName();
128
129 if (!assigneeClassName.equals(User.class.getName())) {
130 return false;
131 }
132
133 if (workflowTaskAssignee.getAssigneeClassPK() == userId) {
134 return true;
135 }
136
137 return false;
138 }
139
140 }