001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portlet.usersadmin;
016    
017    import com.liferay.portal.model.Group;
018    import com.liferay.portal.model.Organization;
019    import com.liferay.portal.model.Portlet;
020    import com.liferay.portal.model.Role;
021    import com.liferay.portal.model.RoleConstants;
022    import com.liferay.portal.model.UserGroupRole;
023    import com.liferay.portal.security.permission.ActionKeys;
024    import com.liferay.portal.security.permission.PermissionChecker;
025    import com.liferay.portal.service.OrganizationLocalServiceUtil;
026    import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
027    import com.liferay.portal.service.permission.OrganizationPermissionUtil;
028    import com.liferay.portlet.BaseControlPanelEntry;
029    
030    import java.util.List;
031    
032    /**
033     * @author Jorge Ferrer
034     * @author Zsolt Berentey
035     */
036    public class UsersControlPanelEntry extends BaseControlPanelEntry {
037    
038            @Override
039            protected boolean hasPermissionImplicitlyGranted(
040                            PermissionChecker permissionChecker, Group group, Portlet portlet)
041                    throws Exception {
042    
043                    List<UserGroupRole> userGroupRoles =
044                            UserGroupRoleLocalServiceUtil.getUserGroupRoles(
045                                    permissionChecker.getUserId());
046    
047                    for (UserGroupRole userGroupRole : userGroupRoles) {
048                            Role role = userGroupRole.getRole();
049    
050                            String roleName = role.getName();
051    
052                            if (roleName.equals(RoleConstants.ORGANIZATION_ADMINISTRATOR) ||
053                                    roleName.equals(RoleConstants.ORGANIZATION_OWNER)) {
054    
055                                    return true;
056                            }
057                    }
058    
059                    List<Organization> organizations =
060                            OrganizationLocalServiceUtil.getUserOrganizations(
061                                    permissionChecker.getUserId());
062    
063                    for (Organization organization : organizations) {
064                            if (OrganizationPermissionUtil.contains(
065                                            permissionChecker, organization.getOrganizationId(),
066                                            ActionKeys.MANAGE_USERS)) {
067    
068                                    return true;
069                            }
070    
071                            if (OrganizationPermissionUtil.contains(
072                                            permissionChecker, organization.getOrganizationId(),
073                                            ActionKeys.MANAGE_SUBORGANIZATIONS)) {
074    
075                                    return true;
076                            }
077    
078                            /*if (OrganizationPermissionUtil.contains(
079                                            permissionChecker, organization.getOrganizationId(),
080                                            ActionKeys.VIEW)) {
081    
082                                    return true;
083                            }*/
084                    }
085    
086                    return false;
087            }
088    
089    }