001
014
015 package com.liferay.portlet.messageboards.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
020 import com.liferay.portal.security.auth.PrincipalException;
021 import com.liferay.portal.security.permission.PermissionChecker;
022 import com.liferay.portal.security.permission.ResourceActionsUtil;
023 import com.liferay.portal.util.PropsValues;
024 import com.liferay.portlet.messageboards.model.MBMessage;
025 import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
026 import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
027
028 import java.util.List;
029
030
033 public class MBDiscussionPermission {
034
035 public static void check(
036 PermissionChecker permissionChecker, long companyId, long groupId,
037 String className, long classPK, long messageId, long ownerId,
038 String actionId)
039 throws PortalException, SystemException {
040
041 if (!contains(
042 permissionChecker, companyId, groupId, className, classPK,
043 messageId, ownerId, actionId)) {
044
045 throw new PrincipalException();
046 }
047 }
048
049 public static void check(
050 PermissionChecker permissionChecker, long companyId, long groupId,
051 String className, long classPK, long ownerId, String actionId)
052 throws PortalException, SystemException {
053
054 if (!contains(
055 permissionChecker, companyId, groupId, className, classPK,
056 ownerId, actionId)) {
057
058 throw new PrincipalException();
059 }
060 }
061
062 public static boolean contains(
063 PermissionChecker permissionChecker, long companyId, long groupId,
064 String className, long classPK, long messageId, long ownerId,
065 String actionId)
066 throws PortalException, SystemException {
067
068 MBMessage message = MBMessageLocalServiceUtil.getMessage(
069 messageId);
070
071 if (PropsValues.DISCUSSION_COMMENTS_ALWAYS_EDITABLE_BY_OWNER &&
072 (permissionChecker.getUserId() == message.getUserId())) {
073
074 return true;
075 }
076
077 if (message.isPending()) {
078 Boolean hasPermission = WorkflowPermissionUtil.hasPermission(
079 permissionChecker, message.getGroupId(),
080 message.getWorkflowClassName(), message.getMessageId(),
081 actionId);
082
083 if (hasPermission != null) {
084 return hasPermission.booleanValue();
085 }
086 }
087
088 return contains(
089 permissionChecker, companyId, groupId, className, classPK, ownerId,
090 actionId);
091 }
092
093 public static boolean contains(
094 PermissionChecker permissionChecker, long companyId, long groupId,
095 String className, long classPK, long ownerId, String actionId)
096 throws SystemException {
097
098 List<String> resourceActions = ResourceActionsUtil.getResourceActions(
099 className);
100
101 if (!resourceActions.contains(actionId)) {
102 return true;
103 }
104
105 if (MBBanLocalServiceUtil.hasBan(
106 groupId, permissionChecker.getUserId())) {
107
108 return false;
109 }
110
111 if ((ownerId > 0) &&
112 permissionChecker.hasOwnerPermission(
113 companyId, className, classPK, ownerId, actionId)) {
114
115 return true;
116 }
117
118 return permissionChecker.hasPermission(
119 groupId, className, classPK, actionId);
120 }
121
122 }