001    /**
002     * Copyright (c) 2000-2011 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portal.security.permission;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.model.Group;
020    import com.liferay.portal.model.Organization;
021    import com.liferay.portal.model.OrganizationConstants;
022    import com.liferay.portal.model.Role;
023    import com.liferay.portal.model.RoleConstants;
024    import com.liferay.portal.service.OrganizationLocalServiceUtil;
025    import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
026    import com.liferay.portal.service.permission.LayoutPrototypePermissionUtil;
027    import com.liferay.portal.service.permission.LayoutSetPrototypePermissionUtil;
028    
029    import java.util.Arrays;
030    import java.util.HashMap;
031    import java.util.List;
032    import java.util.Map;
033    
034    /**
035     * @author Brian Wing Shun Chan
036     */
037    public class PermissionCheckerBagImpl implements PermissionCheckerBag {
038    
039            public PermissionCheckerBagImpl() {
040            }
041    
042            public PermissionCheckerBagImpl(
043                    long userId, List<Group> userGroups, List<Organization> userOrgs,
044                    List<Group> userOrgGroups, List<Group> userUserGroupGroups,
045                    List<Group> groups, List<Role> roles) {
046    
047                    _userId = userId;
048                    _userGroups = userGroups;
049                    _userOrgs = userOrgs;
050                    _userOrgGroups = userOrgGroups;
051                    _userUserGroupGroups = userUserGroupGroups;
052                    _groups = groups;
053                    _roles = roles;
054            }
055    
056            public List<Group> getUserGroups() {
057                    return _userGroups;
058            }
059    
060            public List<Organization> getUserOrgs() {
061                    return _userOrgs;
062            }
063    
064            public List<Group> getUserOrgGroups() {
065                    return _userOrgGroups;
066            }
067    
068            public List<Group> getUserUserGroupGroups() {
069                    return _userUserGroupGroups;
070            }
071    
072            public List<Group> getGroups() {
073                    return _groups;
074            }
075    
076            public long[] getRoleIds() {
077                    if (_roleIds == null) {
078                            List<Role> roles = getRoles();
079    
080                            long[] roleIds = new long[roles.size()];
081    
082                            for (int i = 0; i < roles.size(); i++) {
083                                    Role role = roles.get(i);
084    
085                                    roleIds[i] = role.getRoleId();
086                            }
087    
088                            Arrays.sort(roleIds);
089    
090                            _roleIds = roleIds;
091                    }
092    
093                    return _roleIds;
094            }
095    
096            public List<Role> getRoles() {
097                    return _roles;
098            }
099    
100            /**
101             * @deprecated As of 6.1, renamed to {@link #isGroupAdmin(PermissionChecker,
102             *             Group)}
103             */
104            public boolean isCommunityAdmin(
105                            PermissionChecker permissionChecker, Group group)
106                    throws Exception {
107    
108                    return isGroupAdmin(permissionChecker, group);
109            }
110    
111            /**
112             * @deprecated As of 6.1, renamed to {@link #isGroupOwner(PermissionChecker,
113             *             Group)}
114             */
115            public boolean isCommunityOwner(
116                            PermissionChecker permissionChecker, Group group)
117                    throws Exception {
118    
119                    return isGroupOwner(permissionChecker, group);
120            }
121    
122            public boolean isGroupAdmin(
123                            PermissionChecker permissionChecker, Group group)
124                    throws Exception {
125    
126                    Boolean value = _groupAdmins.get(group.getGroupId());
127    
128                    if (value == null) {
129                            value = Boolean.valueOf(
130                                    isGroupAdminImpl(permissionChecker, group));
131    
132                            _groupAdmins.put(group.getGroupId(), value);
133                    }
134    
135                    return value.booleanValue();
136            }
137    
138            public boolean isGroupOwner(
139                            PermissionChecker permissionChecker, Group group)
140                    throws Exception {
141    
142                    Boolean value = _groupOwners.get(group.getGroupId());
143    
144                    if (value == null) {
145                            value = Boolean.valueOf(
146                                    isGroupOwnerImpl(permissionChecker, group));
147    
148                            _groupOwners.put(group.getGroupId(), value);
149                    }
150    
151                    return value.booleanValue();
152            }
153    
154            protected boolean isGroupAdminImpl(
155                            PermissionChecker permissionChecker, Group group)
156                    throws PortalException, SystemException {
157    
158                    if (group.isSite()) {
159                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
160                                            _userId, group.getGroupId(),
161                                            RoleConstants.SITE_ADMINISTRATOR, true) ||
162                                    UserGroupRoleLocalServiceUtil.hasUserGroupRole(
163                                            _userId, group.getGroupId(),
164                                            RoleConstants.SITE_OWNER, true)) {
165    
166                                    return true;
167                            }
168                    }
169    
170                    if (group.isCompany()) {
171                            if (permissionChecker.isCompanyAdmin()) {
172                                    return true;
173                            }
174                            else {
175                                    return false;
176                            }
177                    }
178                    else if (group.isLayoutPrototype()) {
179                            if (LayoutPrototypePermissionUtil.contains(
180                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
181    
182                                    return true;
183                            }
184                            else {
185                                    return false;
186                            }
187                    }
188                    else if (group.isLayoutSetPrototype()) {
189                            if (LayoutSetPrototypePermissionUtil.contains(
190                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
191    
192                                    return true;
193                            }
194                            else {
195                                    return false;
196                            }
197                    }
198                    else if (group.isOrganization()) {
199                            long organizationId = group.getOrganizationId();
200    
201                            while (organizationId !=
202                                                    OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
203    
204                                    Organization organization =
205                                            OrganizationLocalServiceUtil.getOrganization(
206                                                    organizationId);
207    
208                                    Group organizationGroup = organization.getGroup();
209    
210                                    long organizationGroupId = organizationGroup.getGroupId();
211    
212                                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
213                                                    _userId, organizationGroupId,
214                                                    RoleConstants.ORGANIZATION_ADMINISTRATOR, true) ||
215                                            UserGroupRoleLocalServiceUtil.hasUserGroupRole(
216                                                    _userId, organizationGroupId,
217                                                    RoleConstants.ORGANIZATION_OWNER, true)) {
218    
219                                            return true;
220                                    }
221    
222                                    organizationId = organization.getParentOrganizationId();
223                            }
224                    }
225    
226                    return false;
227            }
228    
229            protected boolean isGroupOwnerImpl(
230                            PermissionChecker permissionChecker, Group group)
231                    throws PortalException, SystemException {
232    
233                    if (group.isSite()) {
234                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
235                                            _userId, group.getGroupId(), RoleConstants.SITE_OWNER,
236                                            true)) {
237    
238                                    return true;
239                            }
240                    }
241    
242                    if (group.isLayoutPrototype()) {
243                            if (LayoutPrototypePermissionUtil.contains(
244                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
245    
246                                    return true;
247                            }
248                            else {
249                                    return false;
250                            }
251                    }
252                    else if (group.isLayoutSetPrototype()) {
253                            if (LayoutSetPrototypePermissionUtil.contains(
254                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
255    
256                                    return true;
257                            }
258                            else {
259                                    return false;
260                            }
261                    }
262                    else if (group.isOrganization()) {
263                            long organizationId = group.getOrganizationId();
264    
265                            while (organizationId !=
266                                                    OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
267    
268                                    Organization organization =
269                                            OrganizationLocalServiceUtil.getOrganization(
270                                                    organizationId);
271    
272                                    Group organizationGroup = organization.getGroup();
273    
274                                    long organizationGroupId = organizationGroup.getGroupId();
275    
276                                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
277                                                    _userId, organizationGroupId,
278                                                    RoleConstants.ORGANIZATION_OWNER, true)) {
279    
280                                            return true;
281                                    }
282    
283                                    organizationId = organization.getParentOrganizationId();
284                            }
285                    }
286                    else if (group.isUser()) {
287                            long userId = group.getClassPK();
288    
289                            if (userId == _userId) {
290                                    return true;
291                            }
292                    }
293    
294                    return false;
295            }
296    
297            private long _userId;
298            private List<Group> _userGroups;
299            private List<Organization> _userOrgs;
300            private List<Group> _userOrgGroups;
301            private List<Group> _userUserGroupGroups;
302            private List<Group> _groups;
303            private long[] _roleIds;
304            private List<Role> _roles;
305            private Map<Long, Boolean> _groupAdmins = new HashMap<Long, Boolean>();
306            private Map<Long, Boolean> _groupOwners = new HashMap<Long, Boolean>();
307    
308    }