001
014
015 package com.liferay.portal.kernel.search;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.util.ArrayUtil;
020 import com.liferay.portal.kernel.util.GetterUtil;
021 import com.liferay.portal.kernel.util.Time;
022 import com.liferay.portal.kernel.workflow.WorkflowConstants;
023 import com.liferay.portal.security.permission.ActionKeys;
024 import com.liferay.portal.security.permission.PermissionChecker;
025
026 import java.util.ArrayList;
027 import java.util.List;
028
029
032 public class DefaultSearchResultPermissionFilter
033 extends BaseSearchResultPermissionFilter {
034
035 public DefaultSearchResultPermissionFilter(
036 BaseIndexer baseIndexer, PermissionChecker permissionChecker) {
037
038 _baseIndexer = baseIndexer;
039 _permissionChecker = permissionChecker;
040 }
041
042 @Override
043 protected void filterHits(Hits hits, SearchContext searchContext) {
044 List<Document> docs = new ArrayList<Document>();
045 List<Float> scores = new ArrayList<Float>();
046
047 Document[] documents = hits.getDocs();
048
049 int excludeDocsSize = 0;
050
051 int status = GetterUtil.getInteger(
052 searchContext.getAttribute(Field.STATUS),
053 WorkflowConstants.STATUS_APPROVED);
054
055 for (int i = 0; i < documents.length; i++) {
056 if (_isIncludeDocument(documents[i], status)) {
057 docs.add(documents[i]);
058 scores.add(hits.score(i));
059 }
060 else {
061 excludeDocsSize++;
062 }
063 }
064
065 hits.setDocs(docs.toArray(new Document[docs.size()]));
066 hits.setScores(ArrayUtil.toFloatArray(scores));
067 hits.setSearchTime(
068 (float)(System.currentTimeMillis() - hits.getStart()) /
069 Time.SECOND);
070 hits.setLength(hits.getLength() - excludeDocsSize);
071 }
072
073 @Override
074 protected Hits getHits(SearchContext searchContext) throws SearchException {
075 return _baseIndexer.doSearch(searchContext);
076 }
077
078 @Override
079 protected boolean isGroupAdmin(SearchContext searchContext) {
080 if (_permissionChecker.isCompanyAdmin(searchContext.getCompanyId())) {
081 return true;
082 }
083
084 long groupId = GetterUtil.getLong(
085 searchContext.getAttribute(Field.GROUP_ID));
086
087 if (groupId == 0) {
088 return false;
089 }
090
091 if (!_permissionChecker.isGroupAdmin(groupId)) {
092 return false;
093 }
094
095 return true;
096 }
097
098 private boolean _isIncludeDocument(Document document, int status) {
099 String entryClassName = document.get(Field.ENTRY_CLASS_NAME);
100
101 Indexer indexer = IndexerRegistryUtil.getIndexer(entryClassName);
102
103 if (indexer == null) {
104 return true;
105 }
106
107 if (!indexer.isFilterSearch() || !indexer.isPermissionAware()) {
108 return true;
109 }
110
111 long entryClassPK = GetterUtil.getLong(
112 document.get(Field.ENTRY_CLASS_PK));
113
114 try {
115 if (indexer.hasPermission(
116 _permissionChecker, entryClassName, entryClassPK,
117 ActionKeys.VIEW) &&
118 indexer.isVisibleRelatedEntry(entryClassPK, status)) {
119
120 return true;
121 }
122 }
123 catch (Exception e) {
124 if (_log.isDebugEnabled()) {
125 _log.debug(e, e);
126 }
127 }
128
129 return false;
130 }
131
132 private static Log _log = LogFactoryUtil.getLog(
133 DefaultSearchResultPermissionFilter.class);
134
135 private BaseIndexer _baseIndexer;
136 private PermissionChecker _permissionChecker;
137
138 }