001
014
015 package com.liferay.portal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.model.Group;
020 import com.liferay.portal.model.User;
021 import com.liferay.portal.security.auth.PrincipalException;
022 import com.liferay.portal.security.permission.ActionKeys;
023 import com.liferay.portal.security.permission.PermissionChecker;
024 import com.liferay.portal.service.GroupLocalServiceUtil;
025 import com.liferay.portal.service.UserLocalServiceUtil;
026
027
031 public class GroupPermissionImpl implements GroupPermission {
032
033 @Override
034 public void check(
035 PermissionChecker permissionChecker, Group group, String actionId)
036 throws PortalException, SystemException {
037
038 if (!contains(permissionChecker, group, actionId)) {
039 throw new PrincipalException();
040 }
041 }
042
043 @Override
044 public void check(
045 PermissionChecker permissionChecker, long groupId, String actionId)
046 throws PortalException, SystemException {
047
048 if (!contains(permissionChecker, groupId, actionId)) {
049 throw new PrincipalException();
050 }
051 }
052
053 @Override
054 public void check(PermissionChecker permissionChecker, String actionId)
055 throws PortalException {
056
057 if (!contains(permissionChecker, actionId)) {
058 throw new PrincipalException();
059 }
060 }
061
062 @Override
063 public boolean contains(
064 PermissionChecker permissionChecker, Group group, String actionId)
065 throws PortalException, SystemException {
066
067 long groupId = group.getGroupId();
068
069 if (group.isStagingGroup()) {
070 group = group.getLiveGroup();
071 }
072
073 if (group.isUser()) {
074
075
076
077
078
079
080 User user = UserLocalServiceUtil.getUserById(group.getClassPK());
081
082 if ((permissionChecker.getUserId() != user.getUserId()) &&
083 UserPermissionUtil.contains(
084 permissionChecker, user.getUserId(),
085 user.getOrganizationIds(), ActionKeys.UPDATE)) {
086
087 return true;
088 }
089 }
090
091 if (actionId.equals(ActionKeys.ADD_LAYOUT) &&
092 permissionChecker.hasPermission(
093 groupId, Group.class.getName(), groupId,
094 ActionKeys.MANAGE_LAYOUTS)) {
095
096 return true;
097 }
098 else if ((actionId.equals(ActionKeys.EXPORT_IMPORT_LAYOUTS) ||
099 actionId.equals(ActionKeys.EXPORT_IMPORT_PORTLET_INFO)) &&
100 permissionChecker.hasPermission(
101 groupId, Group.class.getName(), groupId,
102 ActionKeys.PUBLISH_STAGING)) {
103
104 return true;
105 }
106 else if (actionId.equals(ActionKeys.VIEW) &&
107 (permissionChecker.hasPermission(
108 groupId, Group.class.getName(), groupId,
109 ActionKeys.ASSIGN_USER_ROLES) ||
110 permissionChecker.hasPermission(
111 groupId, Group.class.getName(), groupId,
112 ActionKeys.MANAGE_LAYOUTS))) {
113
114 return true;
115 }
116 else if (actionId.equals(ActionKeys.VIEW_STAGING) &&
117 (permissionChecker.hasPermission(
118 groupId, Group.class.getName(), groupId,
119 ActionKeys.MANAGE_LAYOUTS) ||
120 permissionChecker.hasPermission(
121 groupId, Group.class.getName(), groupId,
122 ActionKeys.MANAGE_STAGING) ||
123 permissionChecker.hasPermission(
124 groupId, Group.class.getName(), groupId,
125 ActionKeys.PUBLISH_STAGING) ||
126 permissionChecker.hasPermission(
127 groupId, Group.class.getName(), groupId,
128 ActionKeys.UPDATE))) {
129
130 return true;
131 }
132
133
134
135 return permissionChecker.hasPermission(
136 groupId, Group.class.getName(), groupId, actionId);
137 }
138
139 @Override
140 public boolean contains(
141 PermissionChecker permissionChecker, long groupId, String actionId)
142 throws PortalException, SystemException {
143
144 Group group = GroupLocalServiceUtil.getGroup(groupId);
145
146 return contains(permissionChecker, group, actionId);
147 }
148
149 @Override
150 public boolean contains(
151 PermissionChecker permissionChecker, String actionId) {
152
153 return permissionChecker.hasPermission(
154 0, Group.class.getName(), 0, actionId);
155 }
156
157 }