001
014
015 package com.liferay.portal.security.membershippolicy;
016
017 import com.liferay.portal.kernel.dao.orm.ActionableDynamicQuery;
018 import com.liferay.portal.kernel.dao.orm.DynamicQuery;
019 import com.liferay.portal.kernel.dao.orm.Property;
020 import com.liferay.portal.kernel.dao.orm.PropertyFactoryUtil;
021 import com.liferay.portal.kernel.exception.PortalException;
022 import com.liferay.portal.kernel.exception.SystemException;
023 import com.liferay.portal.model.Group;
024 import com.liferay.portal.model.Role;
025 import com.liferay.portal.model.RoleConstants;
026 import com.liferay.portal.model.UserGroupRole;
027 import com.liferay.portal.security.permission.PermissionChecker;
028 import com.liferay.portal.service.RoleLocalServiceUtil;
029 import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
030 import com.liferay.portal.service.persistence.GroupActionableDynamicQuery;
031 import com.liferay.portal.service.persistence.UserGroupRoleActionableDynamicQuery;
032 import com.liferay.portal.service.persistence.UserGroupRolePK;
033
034 import java.io.Serializable;
035
036 import java.util.ArrayList;
037 import java.util.List;
038 import java.util.Map;
039
040
044 public abstract class BaseSiteMembershipPolicy implements SiteMembershipPolicy {
045
046 @SuppressWarnings("unused")
047 public void checkRoles(
048 List<UserGroupRole> addUserGroupRoles,
049 List<UserGroupRole> removeUserGroupRoles)
050 throws PortalException, SystemException {
051 }
052
053 @SuppressWarnings("unused")
054 public boolean isMembershipAllowed(long userId, long groupId)
055 throws PortalException, SystemException {
056
057 try {
058 checkMembership(new long[] {userId}, new long[] {groupId}, null);
059 }
060 catch (Exception e) {
061 return false;
062 }
063
064 return true;
065 }
066
067 public boolean isMembershipProtected(
068 PermissionChecker permissionChecker, long userId, long groupId)
069 throws PortalException, SystemException {
070
071 if (permissionChecker.isGroupOwner(groupId)) {
072 return false;
073 }
074
075 Role siteAdministratorRole = RoleLocalServiceUtil.getRole(
076 permissionChecker.getCompanyId(), RoleConstants.SITE_ADMINISTRATOR);
077
078 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
079 userId, groupId, siteAdministratorRole.getRoleId())) {
080
081 return true;
082 }
083
084 Role siteOwnerRole = RoleLocalServiceUtil.getRole(
085 permissionChecker.getCompanyId(), RoleConstants.SITE_OWNER);
086
087 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
088 userId, groupId, siteOwnerRole.getRoleId())) {
089
090 return true;
091 }
092
093 return false;
094 }
095
096 @SuppressWarnings("unused")
097 public boolean isMembershipRequired(long userId, long groupId)
098 throws PortalException, SystemException {
099
100 try {
101 checkMembership(new long[] {userId}, null, new long[] {groupId});
102 }
103 catch (Exception e) {
104 return true;
105 }
106
107 return false;
108 }
109
110 @SuppressWarnings("unused")
111 public boolean isRoleAllowed(long userId, long groupId, long roleId)
112 throws PortalException, SystemException {
113
114 List<UserGroupRole> userGroupRoles = new ArrayList<UserGroupRole>();
115
116 UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
117 userId, groupId, roleId);
118
119 UserGroupRole userGroupRole =
120 UserGroupRoleLocalServiceUtil.createUserGroupRole(userGroupRolePK);
121
122 userGroupRoles.add(userGroupRole);
123
124 try {
125 checkRoles(userGroupRoles, null);
126 }
127 catch (Exception e) {
128 return false;
129 }
130
131 return true;
132 }
133
134 public boolean isRoleProtected(
135 PermissionChecker permissionChecker, long userId, long groupId,
136 long roleId)
137 throws PortalException, SystemException {
138
139 if (permissionChecker.isGroupOwner(groupId)) {
140 return false;
141 }
142
143 Role role = RoleLocalServiceUtil.getRole(roleId);
144
145 String roleName = role.getName();
146
147 if (!roleName.equals(RoleConstants.SITE_ADMINISTRATOR) &&
148 !roleName.equals(RoleConstants.SITE_OWNER)) {
149
150 return false;
151 }
152
153 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
154 userId, groupId, roleId)) {
155
156 return true;
157 }
158
159 return false;
160 }
161
162 public boolean isRoleRequired(long userId, long groupId, long roleId) {
163 List<UserGroupRole> userGroupRoles = new ArrayList<UserGroupRole>();
164
165 UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
166 userId, groupId, roleId);
167
168 UserGroupRole userGroupRole =
169 UserGroupRoleLocalServiceUtil.createUserGroupRole(userGroupRolePK);
170
171 userGroupRoles.add(userGroupRole);
172
173 try {
174 checkRoles(null, userGroupRoles);
175 }
176 catch (Exception e) {
177 return true;
178 }
179
180 return false;
181 }
182
183 @SuppressWarnings("unused")
184 public void propagateRoles(
185 List<UserGroupRole> addUserGroupRoles,
186 List<UserGroupRole> removeUserGroupRoles)
187 throws PortalException, SystemException {
188 }
189
190 public void verifyPolicy() throws PortalException, SystemException {
191 ActionableDynamicQuery groupActionableDynamicQuery =
192 new GroupActionableDynamicQuery() {
193
194 @Override
195 protected void addCriteria(DynamicQuery dynamicQuery) {
196 Property property = PropertyFactoryUtil.forName("site");
197
198 dynamicQuery.add(property.eq(true));
199 }
200
201 @Override
202 protected void performAction(Object object)
203 throws PortalException, SystemException {
204
205 Group group = (Group)object;
206
207 verifyPolicy(group);
208
209 ActionableDynamicQuery userGroupRoleActionableDynamicQuery =
210 new UserGroupRoleActionableDynamicQuery() {
211
212 @Override
213 protected void performAction(Object object)
214 throws PortalException, SystemException {
215
216 UserGroupRole userGroupRole = (UserGroupRole)object;
217
218 verifyPolicy(userGroupRole.getRole());
219 }
220
221 };
222
223 userGroupRoleActionableDynamicQuery.setGroupId(
224 group.getGroupId());
225
226 userGroupRoleActionableDynamicQuery.performActions();
227 }
228
229 };
230
231 groupActionableDynamicQuery.performActions();
232 }
233
234 public void verifyPolicy(Group group)
235 throws PortalException, SystemException {
236
237 verifyPolicy(group, null, null, null, null, null);
238 }
239
240 public void verifyPolicy(Role role) {
241 }
242
243 public void verifyPolicy(
244 Role role, Role oldRole,
245 Map<String, Serializable> oldExpandoAttributes) {
246 }
247
248 }