001
014
015 package com.liferay.portlet.usersadmin.search;
016
017 import com.liferay.portal.kernel.dao.search.RowChecker;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020 import com.liferay.portal.model.Organization;
021 import com.liferay.portal.model.User;
022 import com.liferay.portal.security.auth.MembershipPolicyUtil;
023 import com.liferay.portal.security.permission.ActionKeys;
024 import com.liferay.portal.security.permission.PermissionChecker;
025 import com.liferay.portal.security.permission.PermissionThreadLocal;
026 import com.liferay.portal.service.UserLocalServiceUtil;
027 import com.liferay.portal.service.permission.UserPermissionUtil;
028 import com.liferay.portal.util.PropsValues;
029
030 import java.util.Set;
031
032 import javax.portlet.RenderResponse;
033
034
038 public class UserOrganizationChecker extends RowChecker {
039
040 public UserOrganizationChecker(
041 RenderResponse renderResponse, Organization organization) {
042
043 super(renderResponse);
044
045 _organization = organization;
046 }
047
048 @Override
049 public boolean isChecked(Object obj) {
050 User user = (User)obj;
051
052 try {
053 return UserLocalServiceUtil.hasOrganizationUser(
054 _organization.getOrganizationId(), user.getUserId());
055 }
056 catch (Exception e) {
057 _log.error(e, e);
058
059 return false;
060 }
061 }
062
063 @Override
064 public boolean isDisabled(Object obj) {
065 if (!PropsValues.ORGANIZATIONS_ASSIGNMENT_STRICT) {
066 return false;
067 }
068
069 User user = (User)obj;
070
071 if (isChecked(user)) {
072 Set<Organization> mandatoryOrganizations =
073 MembershipPolicyUtil.getMandatoryOrganizations(user);
074
075 if (mandatoryOrganizations.contains(_organization) ||
076 !MembershipPolicyUtil.isMembershipAllowed(
077 _organization, user)) {
078
079 return true;
080 }
081 }
082
083 try {
084 PermissionChecker permissionChecker =
085 PermissionThreadLocal.getPermissionChecker();
086
087 if (MembershipPolicyUtil.isMembershipProtected(
088 permissionChecker, _organization, user)) {
089
090 return true;
091 }
092
093 return !UserPermissionUtil.contains(
094 permissionChecker, user.getUserId(), ActionKeys.UPDATE);
095 }
096 catch (Exception e) {
097 _log.error(e, e);
098
099 return false;
100 }
101 }
102
103 private static Log _log = LogFactoryUtil.getLog(
104 UserOrganizationChecker.class);
105
106 private Organization _organization;
107
108 }