001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portlet.workflowtasks.action;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.util.MapUtil;
019    import com.liferay.portal.kernel.util.ParamUtil;
020    import com.liferay.portal.kernel.workflow.WorkflowTask;
021    import com.liferay.portal.kernel.workflow.WorkflowTaskManagerUtil;
022    import com.liferay.portal.security.auth.PrincipalException;
023    import com.liferay.portal.theme.ThemeDisplay;
024    import com.liferay.portal.util.PortalUtil;
025    import com.liferay.portal.util.WebKeys;
026    
027    import javax.portlet.PortletRequest;
028    
029    import javax.servlet.http.HttpServletRequest;
030    
031    /**
032     * @author Marcellus Tavares
033     */
034    public class ActionUtil {
035    
036            public static void getWorkflowTask(HttpServletRequest request)
037                    throws Exception {
038    
039                    long workflowTaskId = ParamUtil.getLong(request, "workflowTaskId");
040    
041                    WorkflowTask workflowTask = null;
042    
043                    if (workflowTaskId > 0) {
044                            ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
045                                    WebKeys.THEME_DISPLAY);
046    
047                            workflowTask = WorkflowTaskManagerUtil.getWorkflowTask(
048                                    themeDisplay.getCompanyId(), workflowTaskId);
049    
050                            checkWorkflowTaskViewPermission(workflowTask, themeDisplay);
051                    }
052    
053                    request.setAttribute(WebKeys.WORKFLOW_TASK, workflowTask);
054            }
055    
056            public static void getWorkflowTask(PortletRequest portletRequest)
057                    throws Exception {
058    
059                    HttpServletRequest request = PortalUtil.getHttpServletRequest(
060                            portletRequest);
061    
062                    getWorkflowTask(request);
063            }
064    
065            protected static void checkWorkflowTaskViewPermission(
066                            WorkflowTask workflowTask, ThemeDisplay themeDisplay)
067                    throws PortalException {
068    
069                    long groupId = MapUtil.getLong(
070                            workflowTask.getOptionalAttributes(), "groupId",
071                            themeDisplay.getSiteGroupId());
072    
073                    if (!WorkflowTaskPermissionChecker.hasPermission(
074                                    groupId, workflowTask, themeDisplay.getPermissionChecker())) {
075    
076                            throw new PrincipalException(
077                                    String.format(
078                                            "User %d does not have permission to view task %d",
079                                            themeDisplay.getUserId(),
080                                            workflowTask.getWorkflowTaskId()));
081                    }
082            }
083    
084    }