001 /** 002 * Copyright (c) 2000-2011 Liferay, Inc. All rights reserved. 003 * 004 * The contents of this file are subject to the terms of the Liferay Enterprise 005 * Subscription License ("License"). You may not use this file except in 006 * compliance with the License. You can obtain a copy of the License by 007 * contacting Liferay, Inc. See the License for the specific language governing 008 * permissions and limitations under the License, including but not limited to 009 * distribution rights of the Software. 010 * 011 * 012 * 013 */ 014 015 package com.liferay.portal.security.permission; 016 017 import com.liferay.portal.model.User; 018 019 import java.util.List; 020 021 import javax.portlet.PortletRequest; 022 023 /** 024 * @author Brian Wing Shun Chan 025 */ 026 public interface PermissionChecker extends Cloneable { 027 028 public static final long[] DEFAULT_ROLE_IDS = {}; 029 030 public PermissionChecker clone(); 031 032 /** 033 * Returns the primary key of the user's company. 034 * 035 * @return the primary key of the user's company 036 */ 037 public long getCompanyId(); 038 039 public List<Long> getGuestResourceBlockIds( 040 long companyId, long groupId, String name, String actionId); 041 042 public List<Long> getOwnerResourceBlockIds( 043 long companyId, long groupId, String name, String actionId); 044 045 /** 046 * Returns the primary key of the owner role. This role is automatically 047 * given to the creator of a resource. 048 * 049 * @return the primary key of the owner role 050 */ 051 public long getOwnerRoleId(); 052 053 public List<Long> getResourceBlockIds( 054 long companyId, long groupId, long userId, String name, 055 String actionId); 056 057 /** 058 * Returns the primary keys of the roles the user has within the group. 059 * 060 * @param userId the primary key of the user 061 * @param groupId the primary key of the group 062 * @return the primary keys of the roles the user has within the group 063 */ 064 public long[] getRoleIds(long userId, long groupId); 065 066 /** 067 * Returns the primary key of the user. 068 * 069 * @return the primary key of the user 070 */ 071 public long getUserId(); 072 073 /** 074 * Returns <code>true</code> if the user is the owner of the resource and 075 * has permission to perform the action. 076 * 077 * @param companyId the primary key of the user's company 078 * @param name the resource's name, which can be either a class name or a 079 * portlet ID 080 * @param primKey the primary key of the resource 081 * @param ownerId the primary key of the resource's owner 082 * @param actionId the action ID 083 * @return <code>true</code> if the user is the owner of the resource and 084 * has permission to perform the action; <code>false</code> 085 * otherwise 086 */ 087 public boolean hasOwnerPermission( 088 long companyId, String name, long primKey, long ownerId, 089 String actionId); 090 091 /** 092 * Returns <code>true</code> if the user is the owner of the resource and 093 * has permission to perform the action. 094 * 095 * @param companyId the primary key of the user's company 096 * @param name the resource's name, which can be either a class name or a 097 * portlet ID 098 * @param primKey the primary key of the resource 099 * @param ownerId the primary key of the resource's owner 100 * @param actionId the action ID 101 * @return <code>true</code> if the user is the owner of the resource and 102 * has permission to perform the action; <code>false</code> 103 * otherwise 104 */ 105 public boolean hasOwnerPermission( 106 long companyId, String name, String primKey, long ownerId, 107 String actionId); 108 109 /** 110 * Returns <code>true</code> if the user has permission to perform the 111 * action on the resource. 112 * 113 * @param groupId the primary key of the group containing the resource 114 * @param name the resource's name, which can be either a class name or a 115 * portlet ID 116 * @param primKey the primary key of the resource 117 * @param actionId the action ID 118 * @return <code>true</code> if the user has permission to perform the 119 * action on the resource; <code>false</code> otherwise 120 */ 121 public boolean hasPermission( 122 long groupId, String name, long primKey, String actionId); 123 124 /** 125 * Returns <code>true</code> if the user has permission to perform the 126 * action on the resource. 127 * 128 * @param groupId the primary key of the group containing the resource 129 * @param name the resource's name, which can be either a class name or a 130 * portlet ID 131 * @param primKey the primary key of the resource 132 * @param actionId the action ID 133 * @return <code>true</code> if the user has permission to perform the 134 * action on the resource; <code>false</code> otherwise 135 */ 136 public boolean hasPermission( 137 long groupId, String name, String primKey, String actionId); 138 139 /** 140 * Returns <code>true</code> if the user has permission to perform the 141 * action on the resource without using guest permissions. 142 * 143 * @param groupId the primary key of the group containing the resource 144 * @param name the resource's name, which can be either a class name or a 145 * portlet ID 146 * @param primKey the primary key of the resource 147 * @param actionId the action ID 148 * @param checkAdmin whether to use permissions gained from administrator 149 * roles 150 * @return <code>true</code> if the user has permission to perform the 151 * action on the resource without using guest permissions; 152 * <code>false</code> otherwise 153 */ 154 public boolean hasUserPermission( 155 long groupId, String name, String primKey, String actionId, 156 boolean checkAdmin); 157 158 /** 159 * Initializes this permission checker. 160 * 161 * @param user the current user 162 * @param checkGuest whether to use guest permissions in permission checks 163 */ 164 public void init(User user, boolean checkGuest); 165 166 /** 167 * Returns <code>true</code> if guest permissions should be used in 168 * permission checks. 169 * 170 * @return <code>true</code> if guest permissions should be used in 171 * permission checks; <code>false</code> otherwise 172 */ 173 public boolean isCheckGuest(); 174 175 /** 176 * @deprecated As of 6.1, renamed to {@link #isGroupAdmin(long)} 177 */ 178 public boolean isCommunityAdmin(long groupId); 179 180 /** 181 * @deprecated As of 6.1, renamed to {@link #isGroupOwner(long)} 182 */ 183 public boolean isCommunityOwner(long groupId); 184 185 /** 186 * Returns <code>true</code> if the user is an administrator of their 187 * company. 188 * 189 * @return <code>true</code> if the user is an administrator of their 190 * company; <code>false</code> otherwise 191 */ 192 public boolean isCompanyAdmin(); 193 194 /** 195 * Returns <code>true</code> if the user is an administrator of the company. 196 * 197 * @param companyId the primary key of the company 198 * @return <code>true</code> if the user is an administrator of the company; 199 * <code>false</code> otherwise 200 */ 201 public boolean isCompanyAdmin(long companyId); 202 203 /** 204 * Returns <code>true</code> if the user is an administrator of the group. 205 * 206 * @param groupId the primary key of the group 207 * @return <code>true</code> if the user is an administrator of the group; 208 * <code>false</code> otherwise 209 */ 210 public boolean isGroupAdmin(long groupId); 211 212 /** 213 * Returns <code>true</code> if the user is the owner of the group. 214 * 215 * @param groupId the primary key of the group 216 * @return <code>true</code> if the user is the owner of the group; 217 * <code>false</code> otherwise 218 */ 219 public boolean isGroupOwner(long groupId); 220 221 /** 222 * Returns <code>true</code> if the user is a universal administrator. 223 * 224 * @return <code>true</code> if the user is a universal administrator; 225 * <code>false</code> otherwise 226 * @see com.liferay.portlet.admin.util.OmniadminUtil 227 */ 228 public boolean isOmniadmin(); 229 230 /** 231 * Returns <code>true</code> if the user is signed in. 232 * 233 * @return <code>true</code> if the user is signed in; <code>false</code> 234 * otherwise 235 */ 236 public boolean isSignedIn(); 237 238 /** 239 * @deprecated Does nothing 240 */ 241 public void resetValues(); 242 243 /** 244 * Sets whether to user guest permissions in permission checks 245 * 246 * @param checkGuest whether to use guest permissions in permission checks 247 */ 248 public void setCheckGuest(boolean checkGuest); 249 250 /** 251 * @deprecated Does nothing 252 */ 253 public void setValues(PortletRequest portletRequest); 254 255 }