001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.workflow.permission;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.security.pacl.DoPrivileged;
020    import com.liferay.portal.kernel.workflow.WorkflowException;
021    import com.liferay.portal.kernel.workflow.WorkflowInstance;
022    import com.liferay.portal.kernel.workflow.WorkflowInstanceManagerUtil;
023    import com.liferay.portal.kernel.workflow.WorkflowTaskManagerUtil;
024    import com.liferay.portal.kernel.workflow.permission.WorkflowPermission;
025    import com.liferay.portal.model.WorkflowInstanceLink;
026    import com.liferay.portal.security.permission.ActionKeys;
027    import com.liferay.portal.security.permission.PermissionChecker;
028    import com.liferay.portal.service.WorkflowDefinitionLinkLocalServiceUtil;
029    import com.liferay.portal.service.WorkflowInstanceLinkLocalServiceUtil;
030    
031    /**
032     * @author Jorge Ferrer
033     */
034    @DoPrivileged
035    public class WorkflowPermissionImpl implements WorkflowPermission {
036    
037            public Boolean hasPermission(
038                    PermissionChecker permissionChecker, long groupId, String className,
039                    long classPK, String actionId) {
040    
041                    try {
042                            return doHasPermission(
043                                    permissionChecker, groupId, className, classPK, actionId);
044                    }
045                    catch (Exception e) {
046                            _log.error(e, e);
047                    }
048    
049                    return null;
050            }
051    
052            protected Boolean doHasPermission(
053                            PermissionChecker permissionChecker, long groupId, String className,
054                            long classPK, String actionId)
055                    throws Exception {
056    
057                    long companyId = permissionChecker.getCompanyId();
058    
059                    if (permissionChecker.isCompanyAdmin() ||
060                            permissionChecker.isGroupAdmin(groupId)) {
061    
062                            return Boolean.TRUE;
063                    }
064    
065                    if (!WorkflowDefinitionLinkLocalServiceUtil.hasWorkflowDefinitionLink(
066                                    companyId, groupId, className)) {
067    
068                            return null;
069                    }
070    
071                    if (WorkflowInstanceLinkLocalServiceUtil.hasWorkflowInstanceLink(
072                                    companyId, groupId, className, classPK)) {
073    
074                            WorkflowInstanceLink workflowInstanceLink =
075                                    WorkflowInstanceLinkLocalServiceUtil.getWorkflowInstanceLink(
076                                            companyId, groupId, className, classPK);
077    
078                            WorkflowInstance workflowInstance =
079                                    WorkflowInstanceManagerUtil.getWorkflowInstance(
080                                            companyId, workflowInstanceLink.getWorkflowInstanceId());
081    
082                            if (workflowInstance.isComplete()) {
083                                    return null;
084                            }
085    
086                            boolean hasPermission = isWorkflowTaskAssignedToUser(
087                                    permissionChecker, workflowInstance);
088    
089                            if (!hasPermission && actionId.equals(ActionKeys.VIEW)) {
090                                    return null;
091                            }
092                            else {
093                                    return hasPermission;
094                            }
095                    }
096    
097                    return null;
098            }
099    
100            protected boolean isWorkflowTaskAssignedToUser(
101                            PermissionChecker permissionChecker,
102                            WorkflowInstance workflowInstance)
103                    throws WorkflowException {
104    
105                    int count =
106                            WorkflowTaskManagerUtil.getWorkflowTaskCountByWorkflowInstance(
107                                    permissionChecker.getCompanyId(), permissionChecker.getUserId(),
108                                    workflowInstance.getWorkflowInstanceId(), Boolean.FALSE);
109    
110                    if (count > 0) {
111                            return true;
112                    }
113                    else {
114                            return false;
115                    }
116            }
117    
118            private static Log _log = LogFactoryUtil.getLog(
119                    WorkflowPermissionImpl.class);
120    
121    }