001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.permission;
016    
017    import com.liferay.portal.model.User;
018    
019    import java.util.List;
020    
021    import javax.portlet.PortletRequest;
022    
023    /**
024     * @author Brian Wing Shun Chan
025     */
026    public interface PermissionChecker extends Cloneable {
027    
028            public static final long[] DEFAULT_ROLE_IDS = {};
029    
030            public PermissionChecker clone();
031    
032            /**
033             * Returns the primary key of the user's company.
034             *
035             * @return the primary key of the user's company
036             */
037            public long getCompanyId();
038    
039            public List<Long> getGuestResourceBlockIds(
040                    long companyId, long groupId, String name, String actionId);
041    
042            public List<Long> getOwnerResourceBlockIds(
043                    long companyId, long groupId, String name, String actionId);
044    
045            /**
046             * Returns the primary key of the owner role. This role is automatically
047             * given to the creator of a resource.
048             *
049             * @return the primary key of the owner role
050             */
051            public long getOwnerRoleId();
052    
053            public List<Long> getResourceBlockIds(
054                    long companyId, long groupId, long userId, String name,
055                    String actionId);
056    
057            /**
058             * Returns the primary keys of the roles the user has within the group.
059             *
060             * @param  userId the primary key of the user
061             * @param  groupId the primary key of the group
062             * @return the primary keys of the roles the user has within the group
063             */
064            public long[] getRoleIds(long userId, long groupId);
065    
066            /**
067             * Returns the primary key of the user.
068             *
069             * @return the primary key of the user
070             */
071            public long getUserId();
072    
073            /**
074             * Returns <code>true</code> if the user is the owner of the resource and
075             * has permission to perform the action.
076             *
077             * @param  companyId the primary key of the user's company
078             * @param  name the resource's name, which can be either a class name or a
079             *         portlet ID
080             * @param  primKey the primary key of the resource
081             * @param  ownerId the primary key of the resource's owner
082             * @param  actionId the action ID
083             * @return <code>true</code> if the user is the owner of the resource and
084             *         has permission to perform the action; <code>false</code>
085             *         otherwise
086             */
087            public boolean hasOwnerPermission(
088                    long companyId, String name, long primKey, long ownerId,
089                    String actionId);
090    
091            /**
092             * Returns <code>true</code> if the user is the owner of the resource and
093             * has permission to perform the action.
094             *
095             * @param  companyId the primary key of the user's company
096             * @param  name the resource's name, which can be either a class name or a
097             *         portlet ID
098             * @param  primKey the primary key of the resource
099             * @param  ownerId the primary key of the resource's owner
100             * @param  actionId the action ID
101             * @return <code>true</code> if the user is the owner of the resource and
102             *         has permission to perform the action; <code>false</code>
103             *         otherwise
104             */
105            public boolean hasOwnerPermission(
106                    long companyId, String name, String primKey, long ownerId,
107                    String actionId);
108    
109            /**
110             * Returns <code>true</code> if the user has permission to perform the
111             * action on the resource.
112             *
113             * @param  groupId the primary key of the group containing the resource
114             * @param  name the resource's name, which can be either a class name or a
115             *         portlet ID
116             * @param  primKey the primary key of the resource
117             * @param  actionId the action ID
118             * @return <code>true</code> if the user has permission to perform the
119             *         action on the resource; <code>false</code> otherwise
120             */
121            public boolean hasPermission(
122                    long groupId, String name, long primKey, String actionId);
123    
124            /**
125             * Returns <code>true</code> if the user has permission to perform the
126             * action on the resource.
127             *
128             * @param  groupId the primary key of the group containing the resource
129             * @param  name the resource's name, which can be either a class name or a
130             *         portlet ID
131             * @param  primKey the primary key of the resource
132             * @param  actionId the action ID
133             * @return <code>true</code> if the user has permission to perform the
134             *         action on the resource; <code>false</code> otherwise
135             */
136            public boolean hasPermission(
137                    long groupId, String name, String primKey, String actionId);
138    
139            /**
140             * Returns <code>true</code> if the user has permission to perform the
141             * action on the resource without using guest permissions.
142             *
143             * @param  groupId the primary key of the group containing the resource
144             * @param  name the resource's name, which can be either a class name or a
145             *         portlet ID
146             * @param  primKey the primary key of the resource
147             * @param  actionId the action ID
148             * @param  checkAdmin whether to use permissions gained from administrator
149             *         roles
150             * @return <code>true</code> if the user has permission to perform the
151             *         action on the resource without using guest permissions;
152             *         <code>false</code> otherwise
153             */
154            public boolean hasUserPermission(
155                    long groupId, String name, String primKey, String actionId,
156                    boolean checkAdmin);
157    
158            /**
159             * Initializes this permission checker.
160             *
161             * @param user the current user
162             * @param checkGuest whether to use guest permissions in permission checks
163             */
164            public void init(User user, boolean checkGuest);
165    
166            /**
167             * Returns <code>true</code> if guest permissions should be used in
168             * permission checks.
169             *
170             * @return <code>true</code> if guest permissions should be used in
171             *         permission checks; <code>false</code> otherwise
172             */
173            public boolean isCheckGuest();
174    
175            /**
176             * @deprecated As of 6.1, renamed to {@link #isGroupAdmin(long)}
177             */
178            public boolean isCommunityAdmin(long groupId);
179    
180            /**
181             * @deprecated As of 6.1, renamed to {@link #isGroupOwner(long)}
182             */
183            public boolean isCommunityOwner(long groupId);
184    
185            /**
186             * Returns <code>true</code> if the user is an administrator of their
187             * company.
188             *
189             * @return <code>true</code> if the user is an administrator of their
190             *         company; <code>false</code> otherwise
191             */
192            public boolean isCompanyAdmin();
193    
194            /**
195             * Returns <code>true</code> if the user is an administrator of the company.
196             *
197             * @param  companyId the primary key of the company
198             * @return <code>true</code> if the user is an administrator of the company;
199             *         <code>false</code> otherwise
200             */
201            public boolean isCompanyAdmin(long companyId);
202    
203            /**
204             * Returns <code>true</code> if the user is an administrator of the group.
205             *
206             * @param  groupId the primary key of the group
207             * @return <code>true</code> if the user is an administrator of the group;
208             *         <code>false</code> otherwise
209             */
210            public boolean isGroupAdmin(long groupId);
211    
212            /**
213             * Returns <code>true</code> if the user is the owner of the group.
214             *
215             * @param  groupId the primary key of the group
216             * @return <code>true</code> if the user is the owner of the group;
217             *         <code>false</code> otherwise
218             */
219            public boolean isGroupOwner(long groupId);
220    
221            /**
222             * Returns <code>true</code> if the user is a universal administrator.
223             *
224             * @return <code>true</code> if the user is a universal administrator;
225             *         <code>false</code> otherwise
226             * @see    com.liferay.portlet.admin.util.OmniadminUtil
227             */
228            public boolean isOmniadmin();
229    
230            /**
231             * Returns <code>true</code> if the user is signed in.
232             *
233             * @return <code>true</code> if the user is signed in; <code>false</code>
234             *         otherwise
235             */
236            public boolean isSignedIn();
237    
238            /**
239             * @deprecated Does nothing
240             */
241            public void resetValues();
242    
243            /**
244             * Sets whether to user guest permissions in permission checks
245             *
246             * @param checkGuest whether to use guest permissions in permission checks
247             */
248            public void setCheckGuest(boolean checkGuest);
249    
250            /**
251             * @deprecated Does nothing
252             */
253            public void setValues(PortletRequest portletRequest);
254    
255    }