001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.usersadmin.search;
016    
017    import com.liferay.portal.kernel.dao.search.RowChecker;
018    import com.liferay.portal.kernel.log.Log;
019    import com.liferay.portal.kernel.log.LogFactoryUtil;
020    import com.liferay.portal.model.Organization;
021    import com.liferay.portal.model.User;
022    import com.liferay.portal.security.auth.MembershipPolicyUtil;
023    import com.liferay.portal.security.permission.ActionKeys;
024    import com.liferay.portal.security.permission.PermissionChecker;
025    import com.liferay.portal.security.permission.PermissionThreadLocal;
026    import com.liferay.portal.service.UserLocalServiceUtil;
027    import com.liferay.portal.service.permission.UserPermissionUtil;
028    import com.liferay.portal.util.PropsValues;
029    
030    import java.util.Set;
031    
032    import javax.portlet.RenderResponse;
033    
034    /**
035     * @author Brian Wing Shun Chan
036     * @author Jorge Ferrer
037     */
038    public class UserOrganizationChecker extends RowChecker {
039    
040            public UserOrganizationChecker(
041                    RenderResponse renderResponse, Organization organization) {
042    
043                    super(renderResponse);
044    
045                    _organization = organization;
046            }
047    
048            @Override
049            public boolean isChecked(Object obj) {
050                    User user = (User)obj;
051    
052                    try {
053                            return UserLocalServiceUtil.hasOrganizationUser(
054                                    _organization.getOrganizationId(), user.getUserId());
055                    }
056                    catch (Exception e) {
057                            _log.error(e, e);
058    
059                            return false;
060                    }
061            }
062    
063            @Override
064            public boolean isDisabled(Object obj) {
065                    if (!PropsValues.ORGANIZATIONS_ASSIGNMENT_STRICT) {
066                            return false;
067                    }
068    
069                    User user = (User)obj;
070    
071                    if (isChecked(user)) {
072                            Set<Organization> mandatoryOrganizations =
073                                    MembershipPolicyUtil.getMandatoryOrganizations(user);
074    
075                            if (mandatoryOrganizations.contains(_organization) ||
076                                    !MembershipPolicyUtil.isMembershipAllowed(
077                                            _organization, user)) {
078    
079                                    return true;
080                            }
081                    }
082    
083                    try {
084                            PermissionChecker permissionChecker =
085                                    PermissionThreadLocal.getPermissionChecker();
086    
087                            if (MembershipPolicyUtil.isMembershipProtected(
088                                            permissionChecker, _organization, user)) {
089    
090                                    return true;
091                            }
092    
093                            return !UserPermissionUtil.contains(
094                                    permissionChecker, user.getUserId(), ActionKeys.UPDATE);
095                    }
096                    catch (Exception e) {
097                            _log.error(e, e);
098    
099                            return false;
100                    }
101            }
102    
103            private static Log _log = LogFactoryUtil.getLog(
104                    UserOrganizationChecker.class);
105    
106            private Organization _organization;
107    
108    }