001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.permission;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.model.Group;
020    import com.liferay.portal.model.Organization;
021    import com.liferay.portal.model.OrganizationConstants;
022    import com.liferay.portal.model.Role;
023    import com.liferay.portal.model.RoleConstants;
024    import com.liferay.portal.service.OrganizationLocalServiceUtil;
025    import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
026    import com.liferay.portal.service.permission.LayoutPrototypePermissionUtil;
027    import com.liferay.portal.service.permission.LayoutSetPrototypePermissionUtil;
028    
029    import java.util.Arrays;
030    import java.util.HashMap;
031    import java.util.List;
032    import java.util.Map;
033    
034    /**
035     * @author Brian Wing Shun Chan
036     */
037    public class PermissionCheckerBagImpl implements PermissionCheckerBag {
038    
039            public PermissionCheckerBagImpl() {
040            }
041    
042            public PermissionCheckerBagImpl(
043                    long userId, List<Group> userGroups, List<Organization> userOrgs,
044                    List<Group> userOrgGroups, List<Group> userUserGroupGroups,
045                    List<Group> groups, List<Role> roles) {
046    
047                    _userId = userId;
048                    _userGroups = userGroups;
049                    _userOrgs = userOrgs;
050                    _userOrgGroups = userOrgGroups;
051                    _userUserGroupGroups = userUserGroupGroups;
052                    _groups = groups;
053                    _roles = roles;
054            }
055    
056            public List<Group> getGroups() {
057                    return _groups;
058            }
059    
060            public long[] getRoleIds() {
061                    if (_roleIds == null) {
062                            List<Role> roles = getRoles();
063    
064                            long[] roleIds = new long[roles.size()];
065    
066                            for (int i = 0; i < roles.size(); i++) {
067                                    Role role = roles.get(i);
068    
069                                    roleIds[i] = role.getRoleId();
070                            }
071    
072                            Arrays.sort(roleIds);
073    
074                            _roleIds = roleIds;
075                    }
076    
077                    return _roleIds;
078            }
079    
080            public List<Role> getRoles() {
081                    return _roles;
082            }
083    
084            public List<Group> getUserGroups() {
085                    return _userGroups;
086            }
087    
088            public List<Group> getUserOrgGroups() {
089                    return _userOrgGroups;
090            }
091    
092            public List<Organization> getUserOrgs() {
093                    return _userOrgs;
094            }
095    
096            public List<Group> getUserUserGroupGroups() {
097                    return _userUserGroupGroups;
098            }
099    
100            /**
101             * @deprecated As of 6.1, renamed to {@link #isGroupAdmin(PermissionChecker,
102             *             Group)}
103             */
104            public boolean isCommunityAdmin(
105                            PermissionChecker permissionChecker, Group group)
106                    throws Exception {
107    
108                    return isGroupAdmin(permissionChecker, group);
109            }
110    
111            /**
112             * @deprecated As of 6.1, renamed to {@link #isGroupOwner(PermissionChecker,
113             *             Group)}
114             */
115            public boolean isCommunityOwner(
116                            PermissionChecker permissionChecker, Group group)
117                    throws Exception {
118    
119                    return isGroupOwner(permissionChecker, group);
120            }
121    
122            public boolean isGroupAdmin(
123                            PermissionChecker permissionChecker, Group group)
124                    throws Exception {
125    
126                    Boolean value = _groupAdmins.get(group.getGroupId());
127    
128                    if (value == null) {
129                            value = Boolean.valueOf(isGroupAdminImpl(permissionChecker, group));
130    
131                            _groupAdmins.put(group.getGroupId(), value);
132                    }
133    
134                    return value.booleanValue();
135            }
136    
137            public boolean isGroupMember(
138                            PermissionChecker permissionChecker, Group group)
139                    throws Exception {
140    
141                    for (Role role : _roles) {
142                            String name = role.getName();
143    
144                            if (name.equals(RoleConstants.SITE_MEMBER)) {
145                                    return true;
146                            }
147                    }
148    
149                    if (_userGroups.contains(group)) {
150                            return true;
151                    }
152    
153                    return false;
154            }
155    
156            public boolean isGroupOwner(
157                            PermissionChecker permissionChecker, Group group)
158                    throws Exception {
159    
160                    Boolean value = _groupOwners.get(group.getGroupId());
161    
162                    if (value == null) {
163                            value = Boolean.valueOf(isGroupOwnerImpl(permissionChecker, group));
164    
165                            _groupOwners.put(group.getGroupId(), value);
166                    }
167    
168                    return value.booleanValue();
169            }
170    
171            public boolean isOrganizationAdmin(
172                            PermissionChecker permissionChecker, Organization organization)
173                    throws Exception {
174    
175                    Boolean value = _organizationAdmins.get(
176                            organization.getOrganizationId());
177    
178                    if (value == null) {
179                            value = Boolean.valueOf(
180                                    isOrganizationAdminImpl(permissionChecker, organization));
181    
182                            _organizationAdmins.put(organization.getOrganizationId(), value);
183                    }
184    
185                    return value.booleanValue();
186            }
187    
188            public boolean isOrganizationOwner(
189                            PermissionChecker permissionChecker, Organization organization)
190                    throws Exception {
191    
192                    Boolean value = _organizationOwners.get(
193                            organization.getOrganizationId());
194    
195                    if (value == null) {
196                            value = Boolean.valueOf(
197                                    isOrganizationOwnerImpl(permissionChecker, organization));
198    
199                            _organizationOwners.put(organization.getOrganizationId(), value);
200                    }
201    
202                    return value.booleanValue();
203            }
204    
205            protected boolean isGroupAdminImpl(
206                            PermissionChecker permissionChecker, Group group)
207                    throws PortalException, SystemException {
208    
209                    if (group.isSite()) {
210                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
211                                            _userId, group.getGroupId(),
212                                            RoleConstants.SITE_ADMINISTRATOR, true) ||
213                                    UserGroupRoleLocalServiceUtil.hasUserGroupRole(
214                                            _userId, group.getGroupId(), RoleConstants.SITE_OWNER,
215                                            true)) {
216    
217                                    return true;
218                            }
219                    }
220    
221                    if (group.isCompany()) {
222                            if (permissionChecker.isCompanyAdmin()) {
223                                    return true;
224                            }
225                            else {
226                                    return false;
227                            }
228                    }
229                    else if (group.isLayoutPrototype()) {
230                            if (LayoutPrototypePermissionUtil.contains(
231                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
232    
233                                    return true;
234                            }
235                            else {
236                                    return false;
237                            }
238                    }
239                    else if (group.isLayoutSetPrototype()) {
240                            if (LayoutSetPrototypePermissionUtil.contains(
241                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
242    
243                                    return true;
244                            }
245                            else {
246                                    return false;
247                            }
248                    }
249                    else if (group.isOrganization()) {
250                            long organizationId = group.getOrganizationId();
251    
252                            while (organizationId !=
253                                                    OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
254    
255                                    Organization organization =
256                                            OrganizationLocalServiceUtil.getOrganization(
257                                                    organizationId);
258    
259                                    Group organizationGroup = organization.getGroup();
260    
261                                    long organizationGroupId = organizationGroup.getGroupId();
262    
263                                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
264                                                    _userId, organizationGroupId,
265                                                    RoleConstants.ORGANIZATION_ADMINISTRATOR, true) ||
266                                            UserGroupRoleLocalServiceUtil.hasUserGroupRole(
267                                                    _userId, organizationGroupId,
268                                                    RoleConstants.ORGANIZATION_OWNER, true)) {
269    
270                                            return true;
271                                    }
272    
273                                    organizationId = organization.getParentOrganizationId();
274                            }
275                    }
276    
277                    return false;
278            }
279    
280            protected boolean isGroupOwnerImpl(
281                            PermissionChecker permissionChecker, Group group)
282                    throws PortalException, SystemException {
283    
284                    if (group.isSite()) {
285                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
286                                            _userId, group.getGroupId(), RoleConstants.SITE_OWNER,
287                                            true)) {
288    
289                                    return true;
290                            }
291                    }
292    
293                    if (group.isLayoutPrototype()) {
294                            if (LayoutPrototypePermissionUtil.contains(
295                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
296    
297                                    return true;
298                            }
299                            else {
300                                    return false;
301                            }
302                    }
303                    else if (group.isLayoutSetPrototype()) {
304                            if (LayoutSetPrototypePermissionUtil.contains(
305                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
306    
307                                    return true;
308                            }
309                            else {
310                                    return false;
311                            }
312                    }
313                    else if (group.isOrganization()) {
314                            long organizationId = group.getOrganizationId();
315    
316                            while (organizationId !=
317                                                    OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
318    
319                                    Organization organization =
320                                            OrganizationLocalServiceUtil.getOrganization(
321                                                    organizationId);
322    
323                                    Group organizationGroup = organization.getGroup();
324    
325                                    long organizationGroupId = organizationGroup.getGroupId();
326    
327                                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
328                                                    _userId, organizationGroupId,
329                                                    RoleConstants.ORGANIZATION_OWNER, true)) {
330    
331                                            return true;
332                                    }
333    
334                                    organizationId = organization.getParentOrganizationId();
335                            }
336                    }
337                    else if (group.isUser()) {
338                            long userId = group.getClassPK();
339    
340                            if (userId == _userId) {
341                                    return true;
342                            }
343                    }
344    
345                    return false;
346            }
347    
348            protected boolean isOrganizationAdminImpl(
349                            PermissionChecker permissionChecker, Organization organization)
350                    throws PortalException, SystemException {
351    
352                    while (organization != null) {
353                            Group organizationGroup = organization.getGroup();
354    
355                            long organizationGroupId = organizationGroup.getGroupId();
356    
357                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
358                                            _userId, organizationGroupId,
359                                            RoleConstants.ORGANIZATION_ADMINISTRATOR, true) ||
360                                    UserGroupRoleLocalServiceUtil.hasUserGroupRole(
361                                            _userId, organizationGroupId,
362                                            RoleConstants.ORGANIZATION_OWNER, true)) {
363    
364                                    return true;
365                            }
366    
367                            organization = organization.getParentOrganization();
368                    }
369    
370                    return false;
371            }
372    
373            protected boolean isOrganizationOwnerImpl(
374                            PermissionChecker permissionChecker, Organization organization)
375                    throws PortalException, SystemException {
376    
377                    while (organization != null) {
378                            Group organizationGroup = organization.getGroup();
379    
380                            long organizationGroupId = organizationGroup.getGroupId();
381    
382                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
383                                            _userId, organizationGroupId,
384                                            RoleConstants.ORGANIZATION_OWNER, true)) {
385    
386                                    return true;
387                            }
388    
389                            organization = organization.getParentOrganization();
390                    }
391    
392                    return false;
393            }
394    
395            private Map<Long, Boolean> _groupAdmins = new HashMap<Long, Boolean>();
396            private Map<Long, Boolean> _groupOwners = new HashMap<Long, Boolean>();
397            private List<Group> _groups;
398            private Map<Long, Boolean> _organizationAdmins =
399                    new HashMap<Long, Boolean>();
400            private Map<Long, Boolean> _organizationOwners =
401                    new HashMap<Long, Boolean>();
402            private long[] _roleIds;
403            private List<Role> _roles;
404            private List<Group> _userGroups;
405            private long _userId;
406            private List<Group> _userOrgGroups;
407            private List<Organization> _userOrgs;
408            private List<Group> _userUserGroupGroups;
409    
410    }