001
014
015 package com.liferay.portlet.messageboards.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
020 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
021 import com.liferay.portal.security.auth.PrincipalException;
022 import com.liferay.portal.security.permission.PermissionChecker;
023 import com.liferay.portal.security.permission.ResourceActionsUtil;
024 import com.liferay.portal.util.PortletKeys;
025 import com.liferay.portal.util.PropsValues;
026 import com.liferay.portlet.messageboards.model.MBDiscussion;
027 import com.liferay.portlet.messageboards.model.MBMessage;
028 import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
029 import com.liferay.portlet.messageboards.service.MBDiscussionLocalServiceUtil;
030 import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
031
032 import java.util.List;
033
034
037 public class MBDiscussionPermission {
038
039 public static void check(
040 PermissionChecker permissionChecker, long companyId, long groupId,
041 String className, long classPK, long messageId, long ownerId,
042 String actionId)
043 throws PortalException, SystemException {
044
045 check(
046 permissionChecker, companyId, groupId, className, classPK, actionId,
047 messageId);
048 }
049
050 public static void check(
051 PermissionChecker permissionChecker, long companyId, long groupId,
052 String className, long classPK, String actionId, long messageId)
053 throws PortalException, SystemException {
054
055 if (!contains(
056 permissionChecker, companyId, groupId, className, classPK,
057 actionId, messageId)) {
058
059 throw new PrincipalException();
060 }
061 }
062
063 public static void check(
064 PermissionChecker permissionChecker, long companyId, long groupId,
065 String className, long classPK, long ownerId, String actionId)
066 throws PortalException, SystemException {
067
068 check(
069 permissionChecker, companyId, groupId, className, classPK,
070 actionId);
071 }
072
073 public static void check(
074 PermissionChecker permissionChecker, long companyId, long groupId,
075 String className, long classPK, String actionId)
076 throws PortalException, SystemException {
077
078 if (!contains(
079 permissionChecker, companyId, groupId, className, classPK,
080 actionId)) {
081
082 throw new PrincipalException();
083 }
084 }
085
086 public static boolean contains(
087 PermissionChecker permissionChecker, long companyId, long groupId,
088 String className, long classPK, long messageId, long ownerId,
089 String actionId)
090 throws PortalException, SystemException {
091
092 return contains(
093 permissionChecker, companyId, groupId, className, classPK, actionId,
094 messageId);
095 }
096
097 public static boolean contains(
098 PermissionChecker permissionChecker, long companyId, long groupId,
099 String className, long classPK, String actionId, long messageId)
100 throws PortalException, SystemException {
101
102 MBMessage message = MBMessageLocalServiceUtil.getMessage(messageId);
103
104 if (PropsValues.DISCUSSION_COMMENTS_ALWAYS_EDITABLE_BY_OWNER &&
105 (permissionChecker.getUserId() == message.getUserId())) {
106
107 return true;
108 }
109
110 if (message.isPending()) {
111 Boolean hasPermission = WorkflowPermissionUtil.hasPermission(
112 permissionChecker, message.getGroupId(),
113 message.getWorkflowClassName(), message.getMessageId(),
114 actionId);
115
116 if (hasPermission != null) {
117 return hasPermission.booleanValue();
118 }
119 }
120
121 return contains(
122 permissionChecker, companyId, groupId, className, classPK,
123 actionId);
124 }
125
126 public static boolean contains(
127 PermissionChecker permissionChecker, long companyId, long groupId,
128 String className, long classPK, long ownerId, String actionId)
129 throws SystemException {
130
131 return contains(
132 permissionChecker, companyId, groupId, className, classPK,
133 actionId);
134 }
135
136 public static boolean contains(
137 PermissionChecker permissionChecker, long companyId, long groupId,
138 String className, long classPK, String actionId)
139 throws SystemException {
140
141 MBDiscussion mbDiscussion =
142 MBDiscussionLocalServiceUtil.fetchDiscussion(className, classPK);
143
144 if (mbDiscussion == null) {
145 return false;
146 }
147
148 if (MBBanLocalServiceUtil.hasBan(
149 groupId, permissionChecker.getUserId())) {
150
151 return false;
152 }
153
154 Boolean hasPermission = StagingPermissionUtil.hasPermission(
155 permissionChecker, groupId, className, classPK,
156 PortletKeys.MESSAGE_BOARDS, actionId);
157
158 if (hasPermission != null) {
159 return hasPermission.booleanValue();
160 }
161
162 List<String> resourceActions = ResourceActionsUtil.getResourceActions(
163 className);
164
165 if (!resourceActions.contains(actionId)) {
166 return true;
167 }
168
169 long userId = mbDiscussion.getUserId();
170
171 if ((userId > 0) &&
172 permissionChecker.hasOwnerPermission(
173 companyId, className, classPK, userId, actionId)) {
174
175 return true;
176 }
177
178 return permissionChecker.hasPermission(
179 groupId, className, classPK, actionId);
180 }
181
182 }