001
014
015 package com.liferay.portlet.documentlibrary.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.repository.model.Folder;
020 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
021 import com.liferay.portal.security.auth.PrincipalException;
022 import com.liferay.portal.security.permission.ActionKeys;
023 import com.liferay.portal.security.permission.PermissionChecker;
024 import com.liferay.portal.util.PortletKeys;
025 import com.liferay.portal.util.PropsValues;
026 import com.liferay.portlet.documentlibrary.NoSuchFolderException;
027 import com.liferay.portlet.documentlibrary.model.DLFolder;
028 import com.liferay.portlet.documentlibrary.model.DLFolderConstants;
029 import com.liferay.portlet.documentlibrary.service.DLAppLocalServiceUtil;
030 import com.liferay.portlet.documentlibrary.service.DLFolderLocalServiceUtil;
031
032
035 public class DLFolderPermission {
036
037 public static void check(
038 PermissionChecker permissionChecker, DLFolder dlFolder,
039 String actionId)
040 throws PortalException, SystemException {
041
042 if (!contains(permissionChecker, dlFolder, actionId)) {
043 throw new PrincipalException(
044 String.format(
045 "User %s must have %s permission for %s %s",
046 permissionChecker.getUserId(), actionId,
047 DLFolder.class.getName(), dlFolder.getFolderId()));
048 }
049 }
050
051 public static void check(
052 PermissionChecker permissionChecker, Folder folder, String actionId)
053 throws PortalException, SystemException {
054
055 if (!folder.containsPermission(permissionChecker, actionId)) {
056 throw new PrincipalException(
057 String.format(
058 "User %s must have %s permission for %s %s",
059 permissionChecker.getUserId(), actionId,
060 Folder.class.getName(), folder.getFolderId()));
061 }
062 }
063
064 public static void check(
065 PermissionChecker permissionChecker, long groupId, long folderId,
066 String actionId)
067 throws PortalException, SystemException {
068
069 if (!contains(permissionChecker, groupId, folderId, actionId)) {
070 throw new PrincipalException(
071 String.format(
072 "User %s must have %s permission for %s %s",
073 permissionChecker.getUserId(), actionId,
074 Folder.class.getName(), folderId));
075 }
076 }
077
078 public static boolean contains(
079 PermissionChecker permissionChecker, DLFolder dlFolder,
080 String actionId)
081 throws PortalException, SystemException {
082
083 if (actionId.equals(ActionKeys.ADD_FOLDER)) {
084 actionId = ActionKeys.ADD_SUBFOLDER;
085 }
086
087 Boolean hasPermission = StagingPermissionUtil.hasPermission(
088 permissionChecker, dlFolder.getGroupId(), DLFolder.class.getName(),
089 dlFolder.getFolderId(), PortletKeys.DOCUMENT_LIBRARY, actionId);
090
091 if (hasPermission != null) {
092 return hasPermission.booleanValue();
093 }
094
095 if (actionId.equals(ActionKeys.VIEW) &&
096 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
097
098 try {
099 long dlFolderId = dlFolder.getFolderId();
100
101 while (dlFolderId !=
102 DLFolderConstants.DEFAULT_PARENT_FOLDER_ID) {
103
104 dlFolder = DLFolderLocalServiceUtil.getFolder(dlFolderId);
105
106 if (!_hasPermission(
107 permissionChecker, dlFolder, actionId)) {
108
109 return false;
110 }
111
112 dlFolderId = dlFolder.getParentFolderId();
113 }
114 }
115 catch (NoSuchFolderException nsfe) {
116 if (!dlFolder.isInTrash()) {
117 throw nsfe;
118 }
119 }
120
121 return DLPermission.contains(
122 permissionChecker, dlFolder.getGroupId(), actionId);
123 }
124
125 return _hasPermission(permissionChecker, dlFolder, actionId);
126 }
127
128 public static boolean contains(
129 PermissionChecker permissionChecker, Folder folder, String actionId)
130 throws PortalException, SystemException {
131
132 return folder.containsPermission(permissionChecker, actionId);
133 }
134
135 public static boolean contains(
136 PermissionChecker permissionChecker, long groupId, long folderId,
137 String actionId)
138 throws PortalException, SystemException {
139
140 if (folderId == DLFolderConstants.DEFAULT_PARENT_FOLDER_ID) {
141
142
143
144
145 if (actionId.equals(ActionKeys.ACCESS) ||
146 actionId.equals(ActionKeys.ADD_SUBFOLDER) ||
147 actionId.equals(ActionKeys.DELETE)) {
148
149 return false;
150 }
151
152 return DLPermission.contains(permissionChecker, groupId, actionId);
153 }
154
155 Folder folder = DLAppLocalServiceUtil.getFolder(folderId);
156
157 return folder.containsPermission(permissionChecker, actionId);
158 }
159
160 private static boolean _hasPermission(
161 PermissionChecker permissionChecker, DLFolder dlFolder,
162 String actionId) {
163
164 if (permissionChecker.hasOwnerPermission(
165 dlFolder.getCompanyId(), DLFolder.class.getName(),
166 dlFolder.getFolderId(), dlFolder.getUserId(), actionId) ||
167 permissionChecker.hasPermission(
168 dlFolder.getGroupId(), DLFolder.class.getName(),
169 dlFolder.getFolderId(), actionId)) {
170
171 return true;
172 }
173
174 return false;
175 }
176
177 }