001
014
015 package com.liferay.portlet.messageboards.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.security.auth.PrincipalException;
020 import com.liferay.portal.security.permission.ActionKeys;
021 import com.liferay.portal.security.permission.PermissionChecker;
022 import com.liferay.portal.util.PropsValues;
023 import com.liferay.portlet.messageboards.NoSuchCategoryException;
024 import com.liferay.portlet.messageboards.model.MBCategory;
025 import com.liferay.portlet.messageboards.model.MBCategoryConstants;
026 import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
027 import com.liferay.portlet.messageboards.service.MBCategoryLocalServiceUtil;
028
029
033 public class MBCategoryPermission {
034
035 public static void check(
036 PermissionChecker permissionChecker, long groupId, long categoryId,
037 String actionId)
038 throws PortalException, SystemException {
039
040 if (!contains(permissionChecker, groupId, categoryId, actionId)) {
041 throw new PrincipalException();
042 }
043 }
044
045 public static void check(
046 PermissionChecker permissionChecker, long categoryId,
047 String actionId)
048 throws PortalException, SystemException {
049
050 if (!contains(permissionChecker, categoryId, actionId)) {
051 throw new PrincipalException();
052 }
053 }
054
055 public static void check(
056 PermissionChecker permissionChecker, MBCategory category,
057 String actionId)
058 throws PortalException, SystemException {
059
060 if (!contains(permissionChecker, category, actionId)) {
061 throw new PrincipalException();
062 }
063 }
064
065 public static boolean contains(
066 PermissionChecker permissionChecker, long groupId, long categoryId,
067 String actionId)
068 throws PortalException, SystemException {
069
070 if ((categoryId == MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) ||
071 (categoryId == MBCategoryConstants.DISCUSSION_CATEGORY_ID)) {
072
073 return MBPermission.contains(permissionChecker, groupId, actionId);
074 }
075 else {
076 MBCategory category = MBCategoryLocalServiceUtil.getCategory(
077 categoryId);
078
079 return contains(permissionChecker, category, actionId);
080 }
081 }
082
083 public static boolean contains(
084 PermissionChecker permissionChecker, long categoryId,
085 String actionId)
086 throws PortalException, SystemException {
087
088 MBCategory category = MBCategoryLocalServiceUtil.getCategory(
089 categoryId);
090
091 return contains(permissionChecker, category, actionId);
092 }
093
094 public static boolean contains(
095 PermissionChecker permissionChecker, MBCategory category,
096 String actionId)
097 throws PortalException, SystemException {
098
099 if (actionId.equals(ActionKeys.ADD_CATEGORY)) {
100 actionId = ActionKeys.ADD_SUBCATEGORY;
101 }
102
103 if (MBBanLocalServiceUtil.hasBan(
104 category.getGroupId(), permissionChecker.getUserId())) {
105
106 return false;
107 }
108
109 long categoryId = category.getCategoryId();
110
111 if (PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
112 long originalCategoryId = categoryId;
113
114 try {
115 while (categoryId !=
116 MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) {
117
118 category = MBCategoryLocalServiceUtil.getCategory(
119 categoryId);
120
121 if (!permissionChecker.hasOwnerPermission(
122 category.getCompanyId(), MBCategory.class.getName(),
123 categoryId, category.getUserId(),
124 ActionKeys.VIEW) &&
125 !permissionChecker.hasPermission(
126 category.getGroupId(), MBCategory.class.getName(),
127 categoryId, ActionKeys.VIEW)) {
128
129 return false;
130 }
131
132 categoryId = category.getParentCategoryId();
133 }
134 }
135 catch (NoSuchCategoryException nsce) {
136 if (!category.isInTrash()) {
137 throw nsce;
138 }
139 }
140
141 if (actionId.equals(ActionKeys.VIEW)) {
142 return true;
143 }
144
145 categoryId = originalCategoryId;
146 }
147
148 try {
149 while (categoryId !=
150 MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) {
151
152 category = MBCategoryLocalServiceUtil.getCategory(categoryId);
153
154 if (permissionChecker.hasOwnerPermission(
155 category.getCompanyId(), MBCategory.class.getName(),
156 categoryId, category.getUserId(), actionId) ||
157 permissionChecker.hasPermission(
158 category.getGroupId(), MBCategory.class.getName(),
159 categoryId, actionId)) {
160
161 return true;
162 }
163
164 categoryId = category.getParentCategoryId();
165 }
166 }
167 catch (NoSuchCategoryException nsce) {
168 if (!category.isInTrash()) {
169 throw nsce;
170 }
171 }
172
173 return false;
174 }
175
176 }