001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.permission;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.model.Group;
020    import com.liferay.portal.model.Organization;
021    import com.liferay.portal.model.OrganizationConstants;
022    import com.liferay.portal.model.Role;
023    import com.liferay.portal.model.RoleConstants;
024    import com.liferay.portal.service.OrganizationLocalServiceUtil;
025    import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
026    import com.liferay.portal.service.permission.LayoutPrototypePermissionUtil;
027    import com.liferay.portal.service.permission.LayoutSetPrototypePermissionUtil;
028    
029    import java.util.Arrays;
030    import java.util.HashMap;
031    import java.util.List;
032    import java.util.Map;
033    
034    /**
035     * @author Brian Wing Shun Chan
036     */
037    public class PermissionCheckerBagImpl implements PermissionCheckerBag {
038    
039            public PermissionCheckerBagImpl() {
040            }
041    
042            public PermissionCheckerBagImpl(
043                    long userId, List<Group> userGroups, List<Organization> userOrgs,
044                    List<Group> userOrgGroups, List<Group> userUserGroupGroups,
045                    List<Group> groups, List<Role> roles) {
046    
047                    _userId = userId;
048                    _userGroups = userGroups;
049                    _userOrgs = userOrgs;
050                    _userOrgGroups = userOrgGroups;
051                    _userUserGroupGroups = userUserGroupGroups;
052                    _groups = groups;
053                    _roles = roles;
054            }
055    
056            @Override
057            public List<Group> getGroups() {
058                    return _groups;
059            }
060    
061            @Override
062            public long[] getRoleIds() {
063                    if (_roleIds == null) {
064                            List<Role> roles = getRoles();
065    
066                            long[] roleIds = new long[roles.size()];
067    
068                            for (int i = 0; i < roles.size(); i++) {
069                                    Role role = roles.get(i);
070    
071                                    roleIds[i] = role.getRoleId();
072                            }
073    
074                            Arrays.sort(roleIds);
075    
076                            _roleIds = roleIds;
077                    }
078    
079                    return _roleIds;
080            }
081    
082            @Override
083            public List<Role> getRoles() {
084                    return _roles;
085            }
086    
087            @Override
088            public List<Group> getUserGroups() {
089                    return _userGroups;
090            }
091    
092            @Override
093            public List<Group> getUserOrgGroups() {
094                    return _userOrgGroups;
095            }
096    
097            @Override
098            public List<Organization> getUserOrgs() {
099                    return _userOrgs;
100            }
101    
102            @Override
103            public List<Group> getUserUserGroupGroups() {
104                    return _userUserGroupGroups;
105            }
106    
107            /**
108             * @deprecated As of 6.1.0, renamed to {@link
109             *             #isGroupAdmin(PermissionChecker, Group)}
110             */
111            @Override
112            public boolean isCommunityAdmin(
113                            PermissionChecker permissionChecker, Group group)
114                    throws Exception {
115    
116                    return isGroupAdmin(permissionChecker, group);
117            }
118    
119            /**
120             * @deprecated As of 6.1.0, renamed to {@link
121             *             #isGroupOwner(PermissionChecker, Group)}
122             */
123            @Override
124            public boolean isCommunityOwner(
125                            PermissionChecker permissionChecker, Group group)
126                    throws Exception {
127    
128                    return isGroupOwner(permissionChecker, group);
129            }
130    
131            @Override
132            public boolean isGroupAdmin(
133                            PermissionChecker permissionChecker, Group group)
134                    throws Exception {
135    
136                    Boolean value = _groupAdmins.get(group.getGroupId());
137    
138                    if (value == null) {
139                            value = Boolean.valueOf(isGroupAdminImpl(permissionChecker, group));
140    
141                            _groupAdmins.put(group.getGroupId(), value);
142                    }
143    
144                    return value.booleanValue();
145            }
146    
147            @Override
148            public boolean isGroupMember(
149                            PermissionChecker permissionChecker, Group group)
150                    throws Exception {
151    
152                    for (Role role : _roles) {
153                            String name = role.getName();
154    
155                            if (name.equals(RoleConstants.SITE_MEMBER)) {
156                                    return true;
157                            }
158                    }
159    
160                    if (_userGroups.contains(group)) {
161                            return true;
162                    }
163    
164                    return false;
165            }
166    
167            @Override
168            public boolean isGroupOwner(
169                            PermissionChecker permissionChecker, Group group)
170                    throws Exception {
171    
172                    Boolean value = _groupOwners.get(group.getGroupId());
173    
174                    if (value == null) {
175                            value = Boolean.valueOf(isGroupOwnerImpl(permissionChecker, group));
176    
177                            _groupOwners.put(group.getGroupId(), value);
178                    }
179    
180                    return value.booleanValue();
181            }
182    
183            @Override
184            public boolean isOrganizationAdmin(
185                            PermissionChecker permissionChecker, Organization organization)
186                    throws Exception {
187    
188                    Boolean value = _organizationAdmins.get(
189                            organization.getOrganizationId());
190    
191                    if (value == null) {
192                            value = Boolean.valueOf(
193                                    isOrganizationAdminImpl(permissionChecker, organization));
194    
195                            _organizationAdmins.put(organization.getOrganizationId(), value);
196                    }
197    
198                    return value.booleanValue();
199            }
200    
201            @Override
202            public boolean isOrganizationOwner(
203                            PermissionChecker permissionChecker, Organization organization)
204                    throws Exception {
205    
206                    Boolean value = _organizationOwners.get(
207                            organization.getOrganizationId());
208    
209                    if (value == null) {
210                            value = Boolean.valueOf(
211                                    isOrganizationOwnerImpl(permissionChecker, organization));
212    
213                            _organizationOwners.put(organization.getOrganizationId(), value);
214                    }
215    
216                    return value.booleanValue();
217            }
218    
219            protected boolean isGroupAdminImpl(
220                            PermissionChecker permissionChecker, Group group)
221                    throws PortalException, SystemException {
222    
223                    if (group.isSite()) {
224                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
225                                            _userId, group.getGroupId(),
226                                            RoleConstants.SITE_ADMINISTRATOR, true) ||
227                                    UserGroupRoleLocalServiceUtil.hasUserGroupRole(
228                                            _userId, group.getGroupId(), RoleConstants.SITE_OWNER,
229                                            true)) {
230    
231                                    return true;
232                            }
233                    }
234    
235                    if (group.isCompany()) {
236                            if (permissionChecker.isCompanyAdmin()) {
237                                    return true;
238                            }
239                            else {
240                                    return false;
241                            }
242                    }
243                    else if (group.isLayoutPrototype()) {
244                            if (LayoutPrototypePermissionUtil.contains(
245                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
246    
247                                    return true;
248                            }
249                            else {
250                                    return false;
251                            }
252                    }
253                    else if (group.isLayoutSetPrototype()) {
254                            if (LayoutSetPrototypePermissionUtil.contains(
255                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
256    
257                                    return true;
258                            }
259                            else {
260                                    return false;
261                            }
262                    }
263                    else if (group.isOrganization()) {
264                            long organizationId = group.getOrganizationId();
265    
266                            while (organizationId !=
267                                                    OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
268    
269                                    Organization organization =
270                                            OrganizationLocalServiceUtil.getOrganization(
271                                                    organizationId);
272    
273                                    Group organizationGroup = organization.getGroup();
274    
275                                    long organizationGroupId = organizationGroup.getGroupId();
276    
277                                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
278                                                    _userId, organizationGroupId,
279                                                    RoleConstants.ORGANIZATION_ADMINISTRATOR, true) ||
280                                            UserGroupRoleLocalServiceUtil.hasUserGroupRole(
281                                                    _userId, organizationGroupId,
282                                                    RoleConstants.ORGANIZATION_OWNER, true)) {
283    
284                                            return true;
285                                    }
286    
287                                    organizationId = organization.getParentOrganizationId();
288                            }
289                    }
290    
291                    return false;
292            }
293    
294            protected boolean isGroupOwnerImpl(
295                            PermissionChecker permissionChecker, Group group)
296                    throws PortalException, SystemException {
297    
298                    if (group.isSite()) {
299                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
300                                            _userId, group.getGroupId(), RoleConstants.SITE_OWNER,
301                                            true)) {
302    
303                                    return true;
304                            }
305                    }
306    
307                    if (group.isLayoutPrototype()) {
308                            if (LayoutPrototypePermissionUtil.contains(
309                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
310    
311                                    return true;
312                            }
313                            else {
314                                    return false;
315                            }
316                    }
317                    else if (group.isLayoutSetPrototype()) {
318                            if (LayoutSetPrototypePermissionUtil.contains(
319                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
320    
321                                    return true;
322                            }
323                            else {
324                                    return false;
325                            }
326                    }
327                    else if (group.isOrganization()) {
328                            long organizationId = group.getOrganizationId();
329    
330                            while (organizationId !=
331                                                    OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
332    
333                                    Organization organization =
334                                            OrganizationLocalServiceUtil.getOrganization(
335                                                    organizationId);
336    
337                                    Group organizationGroup = organization.getGroup();
338    
339                                    long organizationGroupId = organizationGroup.getGroupId();
340    
341                                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
342                                                    _userId, organizationGroupId,
343                                                    RoleConstants.ORGANIZATION_OWNER, true)) {
344    
345                                            return true;
346                                    }
347    
348                                    organizationId = organization.getParentOrganizationId();
349                            }
350                    }
351                    else if (group.isUser()) {
352                            long userId = group.getClassPK();
353    
354                            if (userId == _userId) {
355                                    return true;
356                            }
357                    }
358    
359                    return false;
360            }
361    
362            protected boolean isOrganizationAdminImpl(
363                            PermissionChecker permissionChecker, Organization organization)
364                    throws PortalException, SystemException {
365    
366                    while (organization != null) {
367                            Group organizationGroup = organization.getGroup();
368    
369                            long organizationGroupId = organizationGroup.getGroupId();
370    
371                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
372                                            _userId, organizationGroupId,
373                                            RoleConstants.ORGANIZATION_ADMINISTRATOR, true) ||
374                                    UserGroupRoleLocalServiceUtil.hasUserGroupRole(
375                                            _userId, organizationGroupId,
376                                            RoleConstants.ORGANIZATION_OWNER, true)) {
377    
378                                    return true;
379                            }
380    
381                            organization = organization.getParentOrganization();
382                    }
383    
384                    return false;
385            }
386    
387            protected boolean isOrganizationOwnerImpl(
388                            PermissionChecker permissionChecker, Organization organization)
389                    throws PortalException, SystemException {
390    
391                    while (organization != null) {
392                            Group organizationGroup = organization.getGroup();
393    
394                            long organizationGroupId = organizationGroup.getGroupId();
395    
396                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
397                                            _userId, organizationGroupId,
398                                            RoleConstants.ORGANIZATION_OWNER, true)) {
399    
400                                    return true;
401                            }
402    
403                            organization = organization.getParentOrganization();
404                    }
405    
406                    return false;
407            }
408    
409            private Map<Long, Boolean> _groupAdmins = new HashMap<Long, Boolean>();
410            private Map<Long, Boolean> _groupOwners = new HashMap<Long, Boolean>();
411            private List<Group> _groups;
412            private Map<Long, Boolean> _organizationAdmins =
413                    new HashMap<Long, Boolean>();
414            private Map<Long, Boolean> _organizationOwners =
415                    new HashMap<Long, Boolean>();
416            private long[] _roleIds;
417            private List<Role> _roles;
418            private List<Group> _userGroups;
419            private long _userId;
420            private List<Group> _userOrgGroups;
421            private List<Organization> _userOrgs;
422            private List<Group> _userUserGroupGroups;
423    
424    }