001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.membershippolicy;
016    
017    import com.liferay.portal.kernel.dao.orm.ActionableDynamicQuery;
018    import com.liferay.portal.kernel.dao.orm.DynamicQuery;
019    import com.liferay.portal.kernel.dao.orm.Property;
020    import com.liferay.portal.kernel.dao.orm.PropertyFactoryUtil;
021    import com.liferay.portal.kernel.exception.PortalException;
022    import com.liferay.portal.kernel.exception.SystemException;
023    import com.liferay.portal.model.Group;
024    import com.liferay.portal.model.Role;
025    import com.liferay.portal.model.RoleConstants;
026    import com.liferay.portal.model.UserGroupRole;
027    import com.liferay.portal.security.permission.PermissionChecker;
028    import com.liferay.portal.service.RoleLocalServiceUtil;
029    import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
030    import com.liferay.portal.service.persistence.GroupActionableDynamicQuery;
031    import com.liferay.portal.service.persistence.UserGroupRoleActionableDynamicQuery;
032    import com.liferay.portal.service.persistence.UserGroupRolePK;
033    
034    import java.io.Serializable;
035    
036    import java.util.ArrayList;
037    import java.util.List;
038    import java.util.Map;
039    
040    /**
041     * @author Roberto Díaz
042     * @author Sergio González
043     */
044    public abstract class BaseSiteMembershipPolicy implements SiteMembershipPolicy {
045    
046            @SuppressWarnings("unused")
047            public void checkRoles(
048                            List<UserGroupRole> addUserGroupRoles,
049                            List<UserGroupRole> removeUserGroupRoles)
050                    throws PortalException, SystemException {
051            }
052    
053            @SuppressWarnings("unused")
054            public boolean isMembershipAllowed(long userId, long groupId)
055                    throws PortalException, SystemException {
056    
057                    try {
058                            checkMembership(new long[] {userId}, new long[] {groupId}, null);
059                    }
060                    catch (Exception e) {
061                            return false;
062                    }
063    
064                    return true;
065            }
066    
067            public boolean isMembershipProtected(
068                            PermissionChecker permissionChecker, long userId, long groupId)
069                    throws PortalException, SystemException {
070    
071                    if (permissionChecker.isGroupOwner(groupId)) {
072                            return false;
073                    }
074    
075                    Role siteAdministratorRole = RoleLocalServiceUtil.getRole(
076                            permissionChecker.getCompanyId(), RoleConstants.SITE_ADMINISTRATOR);
077    
078                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
079                                    userId, groupId, siteAdministratorRole.getRoleId())) {
080    
081                            return true;
082                    }
083    
084                    Role siteOwnerRole = RoleLocalServiceUtil.getRole(
085                            permissionChecker.getCompanyId(), RoleConstants.SITE_OWNER);
086    
087                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
088                                    userId, groupId, siteOwnerRole.getRoleId())) {
089    
090                            return true;
091                    }
092    
093                    return false;
094            }
095    
096            @SuppressWarnings("unused")
097            public boolean isMembershipRequired(long userId, long groupId)
098                    throws PortalException, SystemException {
099    
100                    try {
101                            checkMembership(new long[] {userId}, null, new long[] {groupId});
102                    }
103                    catch (Exception e) {
104                            return true;
105                    }
106    
107                    return false;
108            }
109    
110            @SuppressWarnings("unused")
111            public boolean isRoleAllowed(long userId, long groupId, long roleId)
112                    throws PortalException, SystemException {
113    
114                    List<UserGroupRole> userGroupRoles = new ArrayList<UserGroupRole>();
115    
116                    UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
117                            userId, groupId, roleId);
118    
119                    UserGroupRole userGroupRole =
120                            UserGroupRoleLocalServiceUtil.createUserGroupRole(userGroupRolePK);
121    
122                    userGroupRoles.add(userGroupRole);
123    
124                    try {
125                            checkRoles(userGroupRoles, null);
126                    }
127                    catch (Exception e) {
128                            return false;
129                    }
130    
131                    return true;
132            }
133    
134            public boolean isRoleProtected(
135                            PermissionChecker permissionChecker, long userId, long groupId,
136                            long roleId)
137                    throws PortalException, SystemException {
138    
139                    if (permissionChecker.isGroupOwner(groupId)) {
140                            return false;
141                    }
142    
143                    Role role = RoleLocalServiceUtil.getRole(roleId);
144    
145                    String roleName = role.getName();
146    
147                    if (!roleName.equals(RoleConstants.SITE_ADMINISTRATOR) &&
148                            !roleName.equals(RoleConstants.SITE_OWNER)) {
149    
150                            return false;
151                    }
152    
153                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
154                                    userId, groupId, roleId)) {
155    
156                            return true;
157                    }
158    
159                    return false;
160            }
161    
162            public boolean isRoleRequired(long userId, long groupId, long roleId) {
163                    List<UserGroupRole> userGroupRoles = new ArrayList<UserGroupRole>();
164    
165                    UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
166                            userId, groupId, roleId);
167    
168                    UserGroupRole userGroupRole =
169                            UserGroupRoleLocalServiceUtil.createUserGroupRole(userGroupRolePK);
170    
171                    userGroupRoles.add(userGroupRole);
172    
173                    try {
174                            checkRoles(null, userGroupRoles);
175                    }
176                    catch (Exception e) {
177                            return true;
178                    }
179    
180                    return false;
181            }
182    
183            @SuppressWarnings("unused")
184            public void propagateRoles(
185                            List<UserGroupRole> addUserGroupRoles,
186                            List<UserGroupRole> removeUserGroupRoles)
187                    throws PortalException, SystemException {
188            }
189    
190            public void verifyPolicy() throws PortalException, SystemException {
191                    ActionableDynamicQuery groupActionableDynamicQuery =
192                            new GroupActionableDynamicQuery() {
193    
194                            @Override
195                            protected void addCriteria(DynamicQuery dynamicQuery) {
196                                    Property property = PropertyFactoryUtil.forName("site");
197    
198                                    dynamicQuery.add(property.eq(true));
199                            }
200    
201                            @Override
202                            protected void performAction(Object object)
203                                    throws PortalException, SystemException {
204    
205                                    Group group = (Group)object;
206    
207                                    verifyPolicy(group);
208    
209                                    ActionableDynamicQuery userGroupRoleActionableDynamicQuery =
210                                            new UserGroupRoleActionableDynamicQuery() {
211    
212                                            @Override
213                                            protected void performAction(Object object)
214                                                    throws PortalException, SystemException {
215    
216                                                    UserGroupRole userGroupRole = (UserGroupRole)object;
217    
218                                                    verifyPolicy(userGroupRole.getRole());
219                                            }
220    
221                                    };
222    
223                                    userGroupRoleActionableDynamicQuery.setGroupId(
224                                            group.getGroupId());
225    
226                                    userGroupRoleActionableDynamicQuery.performActions();
227                            }
228    
229                    };
230    
231                    groupActionableDynamicQuery.performActions();
232            }
233    
234            public void verifyPolicy(Group group)
235                    throws PortalException, SystemException {
236    
237                    verifyPolicy(group, null, null, null, null, null);
238            }
239    
240            public void verifyPolicy(Role role) {
241            }
242    
243            public void verifyPolicy(
244                    Role role, Role oldRole,
245                    Map<String, Serializable> oldExpandoAttributes) {
246            }
247    
248    }