001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.model.Group;
020    import com.liferay.portal.model.Role;
021    import com.liferay.portal.model.User;
022    import com.liferay.portal.security.permission.ActionKeys;
023    import com.liferay.portal.service.ServiceContext;
024    import com.liferay.portal.service.base.RoleServiceBaseImpl;
025    import com.liferay.portal.service.permission.PortalPermissionUtil;
026    import com.liferay.portal.service.permission.RolePermissionUtil;
027    import com.liferay.portal.service.permission.UserPermissionUtil;
028    
029    import java.util.ArrayList;
030    import java.util.List;
031    import java.util.Locale;
032    import java.util.Map;
033    
034    /**
035     * The implementation of the role remote service.
036     *
037     * @author Brian Wing Shun Chan
038     */
039    public class RoleServiceImpl extends RoleServiceBaseImpl {
040    
041            /**
042             * Adds a role. The user is reindexed after role is added.
043             *
044             * @param  className the name of the class for which the role is created
045             * @param  classPK the primary key of the class for which the role is
046             *         created (optionally <code>0</code>)
047             * @param  name the role's name
048             * @param  titleMap the role's localized titles (optionally
049             *         <code>null</code>)
050             * @param  descriptionMap the role's localized descriptions (optionally
051             *         <code>null</code>)
052             * @param  type the role's type (optionally <code>0</code>)
053             * @param  subType the role's subtype (optionally <code>null</code>)
054             * @param  serviceContext the role's service context (optionally
055             *         <code>null</code>). Can set the expando bridge attributes for the
056             *         role.
057             * @return the role
058             * @throws PortalException if a user with the primary key could not be
059             *         found, if the user did not have permission to add roles, if the
060             *         class name or the role name were invalid, or if the role is a
061             *         duplicate
062             * @throws SystemException if a system exception occurred
063             */
064            public Role addRole(
065                            String className, long classPK, String name,
066                            Map<Locale, String> titleMap, Map<Locale, String> descriptionMap,
067                            int type, String subType, ServiceContext serviceContext)
068                    throws PortalException, SystemException {
069    
070                    PortalPermissionUtil.check(getPermissionChecker(), ActionKeys.ADD_ROLE);
071    
072                    User user = getUser();
073    
074                    return roleLocalService.addRole(
075                            user.getUserId(), className, classPK, name, titleMap,
076                            descriptionMap, type, subType, serviceContext);
077            }
078    
079            /**
080             * Adds a role. The user is reindexed after role is added.
081             *
082             * @param      name the role's name
083             * @param      titleMap the role's localized titles (optionally
084             *             <code>null</code>)
085             * @param      descriptionMap the role's localized descriptions (optionally
086             *             <code>null</code>)
087             * @param      type the role's type (optionally <code>0</code>)
088             * @return     the role
089             * @throws     PortalException if a user with the primary key could not be
090             *             found, if the user did not have permission to add roles, if
091             *             the class name or the role name were invalid, or if the role
092             *             is a duplicate
093             * @throws     SystemException if a system exception occurred
094             * @deprecated {@link #addRole(String, long, String, Map, Map, int, String,
095             *             ServiceContext)}
096             */
097            public Role addRole(
098                            String name, Map<Locale, String> titleMap,
099                            Map<Locale, String> descriptionMap, int type)
100                    throws PortalException, SystemException {
101    
102                    return addRole(
103                            null, 0, name, titleMap, descriptionMap, type, null, null);
104            }
105    
106            /**
107             * Adds the roles to the user. The user is reindexed after the roles are
108             * added.
109             *
110             * @param  userId the primary key of the user
111             * @param  roleIds the primary keys of the roles
112             * @throws PortalException if a user with the primary key could not be found
113             *         or if the user did not have permission to assign members to one
114             *         of the roles
115             * @throws SystemException if a system exception occurred
116             */
117            public void addUserRoles(long userId, long[] roleIds)
118                    throws PortalException, SystemException {
119    
120                    checkUserRolesPermission(userId, roleIds);
121    
122                    roleLocalService.addUserRoles(userId, roleIds);
123            }
124    
125            /**
126             * Deletes the role with the primary key and its associated permissions.
127             *
128             * @param  roleId the primary key of the role
129             * @throws PortalException if the user did not have permission to delete the
130             *         role, if a role with the primary key could not be found, if the
131             *         role is a default system role, or if the role's resource could
132             *         not be found
133             * @throws SystemException if a system exception occurred
134             */
135            public void deleteRole(long roleId)
136                    throws PortalException, SystemException {
137    
138                    RolePermissionUtil.check(
139                            getPermissionChecker(), roleId, ActionKeys.DELETE);
140    
141                    roleLocalService.deleteRole(roleId);
142            }
143    
144            /**
145             * Returns all the roles associated with the group.
146             *
147             * @param  groupId the primary key of the group
148             * @return the roles associated with the group
149             * @throws PortalException if a portal exception occurred
150             * @throws SystemException if a system exception occurred
151             */
152            public List<Role> getGroupRoles(long groupId)
153                    throws PortalException, SystemException {
154    
155                    List<Role> roles = roleLocalService.getGroupRoles(groupId);
156    
157                    return filterRoles(roles);
158            }
159    
160            /**
161             * Returns the role with the primary key.
162             *
163             * @param  roleId the primary key of the role
164             * @return the role with the primary key
165             * @throws PortalException if a role with the primary key could not be found
166             *         or if the user did not have permission to view the role
167             * @throws SystemException if a system exception occurred
168             */
169            public Role getRole(long roleId) throws PortalException, SystemException {
170                    RolePermissionUtil.check(
171                            getPermissionChecker(), roleId, ActionKeys.VIEW);
172    
173                    return roleLocalService.getRole(roleId);
174            }
175    
176            /**
177             * Returns the role with the name in the company.
178             *
179             * <p>
180             * The method searches the system roles map first for default roles. If a
181             * role with the name is not found, then the method will query the database.
182             * </p>
183             *
184             * @param  companyId the primary key of the company
185             * @param  name the role's name
186             * @return the role with the name
187             * @throws PortalException if a role with the name could not be found in the
188             *         company or if the user did not have permission to view the role
189             * @throws SystemException if a system exception occurred
190             */
191            public Role getRole(long companyId, String name)
192                    throws PortalException, SystemException {
193    
194                    Role role = roleLocalService.getRole(companyId, name);
195    
196                    RolePermissionUtil.check(
197                            getPermissionChecker(), role.getRoleId(), ActionKeys.VIEW);
198    
199                    return role;
200            }
201    
202            /**
203             * Returns all the user's roles within the user group.
204             *
205             * @param  userId the primary key of the user
206             * @param  groupId the primary key of the group
207             * @return the user's roles within the user group
208             * @throws PortalException if a portal exception occurred
209             * @throws SystemException if a system exception occurred
210             */
211            public List<Role> getUserGroupGroupRoles(long userId, long groupId)
212                    throws PortalException, SystemException {
213    
214                    UserPermissionUtil.check(
215                            getPermissionChecker(), userId, ActionKeys.VIEW);
216    
217                    List<Role> roles = roleLocalService.getUserGroupGroupRoles(
218                            userId, groupId);
219    
220                    return filterRoles(roles);
221            }
222    
223            /**
224             * Returns all the user's roles within the user group.
225             *
226             * @param  userId the primary key of the user
227             * @param  groupId the primary key of the group
228             * @return the user's roles within the user group
229             * @throws PortalException if a portal exception occurred
230             * @throws SystemException if a system exception occurred
231             */
232            public List<Role> getUserGroupRoles(long userId, long groupId)
233                    throws PortalException, SystemException {
234    
235                    UserPermissionUtil.check(
236                            getPermissionChecker(), userId, ActionKeys.VIEW);
237    
238                    List<Role> roles = roleLocalService.getUserGroupRoles(userId, groupId);
239    
240                    return filterRoles(roles);
241            }
242    
243            /**
244             * Returns the union of all the user's roles within the groups.
245             *
246             * @param  userId the primary key of the user
247             * @param  groups the groups (optionally <code>null</code>)
248             * @return the union of all the user's roles within the groups
249             * @throws PortalException if a portal exception occurred
250             * @throws SystemException if a system exception occurred
251             */
252            public List<Role> getUserRelatedRoles(long userId, List<Group> groups)
253                    throws PortalException, SystemException {
254    
255                    UserPermissionUtil.check(
256                            getPermissionChecker(), userId, ActionKeys.VIEW);
257    
258                    List<Role> roles = roleLocalService.getUserRelatedRoles(userId, groups);
259    
260                    return filterRoles(roles);
261            }
262    
263            /**
264             * Returns all the roles associated with the user.
265             *
266             * @param  userId the primary key of the user
267             * @return the roles associated with the user
268             * @throws PortalException if a portal exception occurred
269             * @throws SystemException if a system exception occurred
270             */
271            public List<Role> getUserRoles(long userId)
272                    throws PortalException, SystemException {
273    
274                    UserPermissionUtil.check(
275                            getPermissionChecker(), userId, ActionKeys.VIEW);
276    
277                    List<Role> roles = roleLocalService.getUserRoles(userId);
278    
279                    return filterRoles(roles);
280            }
281    
282            /**
283             * Returns <code>true</code> if the user is associated with the named
284             * regular role.
285             *
286             * @param  userId the primary key of the user
287             * @param  companyId the primary key of the company
288             * @param  name the name of the role
289             * @param  inherited whether to include the user's inherited roles in the
290             *         search
291             * @return <code>true</code> if the user is associated with the regular
292             *         role; <code>false</code> otherwise
293             * @throws PortalException if a role with the name could not be found in the
294             *         company or if a default user for the company could not be found
295             * @throws SystemException if a system exception occurred
296             */
297            public boolean hasUserRole(
298                            long userId, long companyId, String name, boolean inherited)
299                    throws PortalException, SystemException {
300    
301                    UserPermissionUtil.check(
302                            getPermissionChecker(), userId, ActionKeys.VIEW);
303    
304                    return roleLocalService.hasUserRole(userId, companyId, name, inherited);
305            }
306    
307            /**
308             * Returns <code>true</code> if the user has any one of the named regular
309             * roles.
310             *
311             * @param  userId the primary key of the user
312             * @param  companyId the primary key of the company
313             * @param  names the names of the roles
314             * @param  inherited whether to include the user's inherited roles in the
315             *         search
316             * @return <code>true</code> if the user has any one of the regular roles;
317             *         <code>false</code> otherwise
318             * @throws PortalException if any one of the roles with the names could not
319             *         be found in the company or if the default user for the company
320             *         could not be found
321             * @throws SystemException if a system exception occurred
322             */
323            public boolean hasUserRoles(
324                            long userId, long companyId, String[] names, boolean inherited)
325                    throws PortalException, SystemException {
326    
327                    UserPermissionUtil.check(
328                            getPermissionChecker(), userId, ActionKeys.VIEW);
329    
330                    return roleLocalService.hasUserRoles(
331                            userId, companyId, names, inherited);
332            }
333    
334            /**
335             * Removes the matching roles associated with the user. The user is
336             * reindexed after the roles are removed.
337             *
338             * @param  userId the primary key of the user
339             * @param  roleIds the primary keys of the roles
340             * @throws PortalException if a user with the primary key could not be
341             *         found, if the user did not have permission to remove members from
342             *         a role, or if a role with any one of the primary keys could not
343             *         be found
344             * @throws SystemException if a system exception occurred
345             */
346            public void unsetUserRoles(long userId, long[] roleIds)
347                    throws PortalException, SystemException {
348    
349                    checkUserRolesPermission(userId, roleIds);
350    
351                    roleLocalService.unsetUserRoles(userId, roleIds);
352            }
353    
354            /**
355             * Updates the role with the primary key.
356             *
357             * @param  roleId the primary key of the role
358             * @param  name the role's new name
359             * @param  titleMap the new localized titles (optionally <code>null</code>)
360             *         to replace those existing for the role
361             * @param  descriptionMap the new localized descriptions (optionally
362             *         <code>null</code>) to replace those existing for the role
363             * @param  subtype the role's new subtype (optionally <code>null</code>)
364             * @param  serviceContext the role's service context (optionally
365             *         <code>null</code>). Can set the expando bridge attributes for the
366             *         role.
367             * @return the role with the primary key
368             * @throws PortalException if the user did not have permission to update the
369             *         role, if a role with the primary could not be found, or if the
370             *         role's name was invalid
371             * @throws SystemException if a system exception occurred
372             */
373            public Role updateRole(
374                            long roleId, String name, Map<Locale, String> titleMap,
375                            Map<Locale, String> descriptionMap, String subtype,
376                            ServiceContext serviceContext)
377                    throws PortalException, SystemException {
378    
379                    RolePermissionUtil.check(
380                            getPermissionChecker(), roleId, ActionKeys.UPDATE);
381    
382                    return roleLocalService.updateRole(
383                            roleId, name, titleMap, descriptionMap, subtype, serviceContext);
384            }
385    
386            protected void checkUserRolesPermission(long userId, long[] roleIds)
387                    throws PortalException {
388    
389                    for (int i = 0; i < roleIds.length; i++) {
390                            RolePermissionUtil.check(
391                                    getPermissionChecker(), roleIds[i], ActionKeys.ASSIGN_MEMBERS);
392                    }
393            }
394    
395            protected List<Role> filterRoles(List<Role> roles) throws PortalException {
396                    List<Role> filteredRoles = new ArrayList<Role>();
397    
398                    for (Role role : roles) {
399                            if (RolePermissionUtil.contains(
400                                            getPermissionChecker(), role.getRoleId(),
401                                            ActionKeys.VIEW)) {
402    
403                                    filteredRoles.add(role);
404                            }
405                    }
406    
407                    return filteredRoles;
408            }
409    
410    }