001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.permission;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.model.Group;
020    import com.liferay.portal.model.GroupConstants;
021    import com.liferay.portal.model.Organization;
022    import com.liferay.portal.model.OrganizationConstants;
023    import com.liferay.portal.model.Role;
024    import com.liferay.portal.model.RoleConstants;
025    import com.liferay.portal.service.GroupLocalServiceUtil;
026    import com.liferay.portal.service.OrganizationLocalServiceUtil;
027    import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
028    import com.liferay.portal.service.permission.LayoutPrototypePermissionUtil;
029    import com.liferay.portal.service.permission.LayoutSetPrototypePermissionUtil;
030    
031    import java.util.Arrays;
032    import java.util.HashMap;
033    import java.util.List;
034    import java.util.Map;
035    
036    /**
037     * @author Brian Wing Shun Chan
038     */
039    public class PermissionCheckerBagImpl implements PermissionCheckerBag {
040    
041            public PermissionCheckerBagImpl() {
042            }
043    
044            public PermissionCheckerBagImpl(
045                    long userId, List<Group> userGroups, List<Organization> userOrgs,
046                    List<Group> userOrgGroups, List<Group> userUserGroupGroups,
047                    List<Group> groups, List<Role> roles) {
048    
049                    _userId = userId;
050                    _userGroups = userGroups;
051                    _userOrgs = userOrgs;
052                    _userOrgGroups = userOrgGroups;
053                    _userUserGroupGroups = userUserGroupGroups;
054                    _groups = groups;
055                    _roles = roles;
056            }
057    
058            @Override
059            public List<Group> getGroups() {
060                    return _groups;
061            }
062    
063            @Override
064            public long[] getRoleIds() {
065                    if (_roleIds == null) {
066                            List<Role> roles = getRoles();
067    
068                            long[] roleIds = new long[roles.size()];
069    
070                            for (int i = 0; i < roles.size(); i++) {
071                                    Role role = roles.get(i);
072    
073                                    roleIds[i] = role.getRoleId();
074                            }
075    
076                            Arrays.sort(roleIds);
077    
078                            _roleIds = roleIds;
079                    }
080    
081                    return _roleIds;
082            }
083    
084            @Override
085            public List<Role> getRoles() {
086                    return _roles;
087            }
088    
089            @Override
090            public List<Group> getUserGroups() {
091                    return _userGroups;
092            }
093    
094            @Override
095            public List<Group> getUserOrgGroups() {
096                    return _userOrgGroups;
097            }
098    
099            @Override
100            public List<Organization> getUserOrgs() {
101                    return _userOrgs;
102            }
103    
104            @Override
105            public List<Group> getUserUserGroupGroups() {
106                    return _userUserGroupGroups;
107            }
108    
109            /**
110             * @deprecated As of 6.1.0, renamed to {@link
111             *             #isGroupAdmin(PermissionChecker, Group)}
112             */
113            @Override
114            public boolean isCommunityAdmin(
115                            PermissionChecker permissionChecker, Group group)
116                    throws Exception {
117    
118                    return isGroupAdmin(permissionChecker, group);
119            }
120    
121            /**
122             * @deprecated As of 6.1.0, renamed to {@link
123             *             #isGroupOwner(PermissionChecker, Group)}
124             */
125            @Override
126            public boolean isCommunityOwner(
127                            PermissionChecker permissionChecker, Group group)
128                    throws Exception {
129    
130                    return isGroupOwner(permissionChecker, group);
131            }
132    
133            @Override
134            public boolean isGroupAdmin(
135                            PermissionChecker permissionChecker, Group group)
136                    throws Exception {
137    
138                    Boolean value = _groupAdmins.get(group.getGroupId());
139    
140                    if (value == null) {
141                            value = Boolean.valueOf(isGroupAdminImpl(permissionChecker, group));
142    
143                            _groupAdmins.put(group.getGroupId(), value);
144                    }
145    
146                    return value.booleanValue();
147            }
148    
149            @Override
150            public boolean isGroupMember(
151                            PermissionChecker permissionChecker, Group group)
152                    throws Exception {
153    
154                    for (Role role : _roles) {
155                            String name = role.getName();
156    
157                            if (name.equals(RoleConstants.SITE_MEMBER)) {
158                                    return true;
159                            }
160                    }
161    
162                    if (_userGroups.contains(group)) {
163                            return true;
164                    }
165    
166                    return false;
167            }
168    
169            @Override
170            public boolean isGroupOwner(
171                            PermissionChecker permissionChecker, Group group)
172                    throws Exception {
173    
174                    Boolean value = _groupOwners.get(group.getGroupId());
175    
176                    if (value == null) {
177                            value = Boolean.valueOf(isGroupOwnerImpl(permissionChecker, group));
178    
179                            _groupOwners.put(group.getGroupId(), value);
180                    }
181    
182                    return value.booleanValue();
183            }
184    
185            @Override
186            public boolean isOrganizationAdmin(
187                            PermissionChecker permissionChecker, Organization organization)
188                    throws Exception {
189    
190                    Boolean value = _organizationAdmins.get(
191                            organization.getOrganizationId());
192    
193                    if (value == null) {
194                            value = Boolean.valueOf(
195                                    isOrganizationAdminImpl(permissionChecker, organization));
196    
197                            _organizationAdmins.put(organization.getOrganizationId(), value);
198                    }
199    
200                    return value.booleanValue();
201            }
202    
203            @Override
204            public boolean isOrganizationOwner(
205                            PermissionChecker permissionChecker, Organization organization)
206                    throws Exception {
207    
208                    Boolean value = _organizationOwners.get(
209                            organization.getOrganizationId());
210    
211                    if (value == null) {
212                            value = Boolean.valueOf(
213                                    isOrganizationOwnerImpl(permissionChecker, organization));
214    
215                            _organizationOwners.put(organization.getOrganizationId(), value);
216                    }
217    
218                    return value.booleanValue();
219            }
220    
221            protected boolean isGroupAdminImpl(
222                            PermissionChecker permissionChecker, Group group)
223                    throws PortalException, SystemException {
224    
225                    if (group.isLayout()) {
226                            long parentGroupId = group.getParentGroupId();
227    
228                            if (parentGroupId == GroupConstants.DEFAULT_PARENT_GROUP_ID) {
229                                    return false;
230                            }
231    
232                            group = GroupLocalServiceUtil.getGroup(parentGroupId);
233                    }
234    
235                    if (group.isSite()) {
236                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
237                                            _userId, group.getGroupId(),
238                                            RoleConstants.SITE_ADMINISTRATOR, true) ||
239                                    UserGroupRoleLocalServiceUtil.hasUserGroupRole(
240                                            _userId, group.getGroupId(), RoleConstants.SITE_OWNER,
241                                            true)) {
242    
243                                    return true;
244                            }
245                    }
246    
247                    if (group.isCompany()) {
248                            if (permissionChecker.isCompanyAdmin()) {
249                                    return true;
250                            }
251                            else {
252                                    return false;
253                            }
254                    }
255                    else if (group.isLayoutPrototype()) {
256                            if (LayoutPrototypePermissionUtil.contains(
257                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
258    
259                                    return true;
260                            }
261                            else {
262                                    return false;
263                            }
264                    }
265                    else if (group.isLayoutSetPrototype()) {
266                            if (LayoutSetPrototypePermissionUtil.contains(
267                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
268    
269                                    return true;
270                            }
271                            else {
272                                    return false;
273                            }
274                    }
275                    else if (group.isOrganization()) {
276                            long organizationId = group.getOrganizationId();
277    
278                            while (organizationId !=
279                                                    OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
280    
281                                    Organization organization =
282                                            OrganizationLocalServiceUtil.getOrganization(
283                                                    organizationId);
284    
285                                    Group organizationGroup = organization.getGroup();
286    
287                                    long organizationGroupId = organizationGroup.getGroupId();
288    
289                                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
290                                                    _userId, organizationGroupId,
291                                                    RoleConstants.ORGANIZATION_ADMINISTRATOR, true) ||
292                                            UserGroupRoleLocalServiceUtil.hasUserGroupRole(
293                                                    _userId, organizationGroupId,
294                                                    RoleConstants.ORGANIZATION_OWNER, true)) {
295    
296                                            return true;
297                                    }
298    
299                                    organizationId = organization.getParentOrganizationId();
300                            }
301                    }
302    
303                    return false;
304            }
305    
306            protected boolean isGroupOwnerImpl(
307                            PermissionChecker permissionChecker, Group group)
308                    throws PortalException, SystemException {
309    
310                    if (group.isSite()) {
311                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
312                                            _userId, group.getGroupId(), RoleConstants.SITE_OWNER,
313                                            true)) {
314    
315                                    return true;
316                            }
317                    }
318    
319                    if (group.isLayoutPrototype()) {
320                            if (LayoutPrototypePermissionUtil.contains(
321                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
322    
323                                    return true;
324                            }
325                            else {
326                                    return false;
327                            }
328                    }
329                    else if (group.isLayoutSetPrototype()) {
330                            if (LayoutSetPrototypePermissionUtil.contains(
331                                            permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
332    
333                                    return true;
334                            }
335                            else {
336                                    return false;
337                            }
338                    }
339                    else if (group.isOrganization()) {
340                            long organizationId = group.getOrganizationId();
341    
342                            while (organizationId !=
343                                                    OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
344    
345                                    Organization organization =
346                                            OrganizationLocalServiceUtil.getOrganization(
347                                                    organizationId);
348    
349                                    Group organizationGroup = organization.getGroup();
350    
351                                    long organizationGroupId = organizationGroup.getGroupId();
352    
353                                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
354                                                    _userId, organizationGroupId,
355                                                    RoleConstants.ORGANIZATION_OWNER, true)) {
356    
357                                            return true;
358                                    }
359    
360                                    organizationId = organization.getParentOrganizationId();
361                            }
362                    }
363                    else if (group.isUser()) {
364                            long userId = group.getClassPK();
365    
366                            if (userId == _userId) {
367                                    return true;
368                            }
369                    }
370    
371                    return false;
372            }
373    
374            protected boolean isOrganizationAdminImpl(
375                            PermissionChecker permissionChecker, Organization organization)
376                    throws PortalException, SystemException {
377    
378                    while (organization != null) {
379                            Group organizationGroup = organization.getGroup();
380    
381                            long organizationGroupId = organizationGroup.getGroupId();
382    
383                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
384                                            _userId, organizationGroupId,
385                                            RoleConstants.ORGANIZATION_ADMINISTRATOR, true) ||
386                                    UserGroupRoleLocalServiceUtil.hasUserGroupRole(
387                                            _userId, organizationGroupId,
388                                            RoleConstants.ORGANIZATION_OWNER, true)) {
389    
390                                    return true;
391                            }
392    
393                            organization = organization.getParentOrganization();
394                    }
395    
396                    return false;
397            }
398    
399            protected boolean isOrganizationOwnerImpl(
400                            PermissionChecker permissionChecker, Organization organization)
401                    throws PortalException, SystemException {
402    
403                    while (organization != null) {
404                            Group organizationGroup = organization.getGroup();
405    
406                            long organizationGroupId = organizationGroup.getGroupId();
407    
408                            if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
409                                            _userId, organizationGroupId,
410                                            RoleConstants.ORGANIZATION_OWNER, true)) {
411    
412                                    return true;
413                            }
414    
415                            organization = organization.getParentOrganization();
416                    }
417    
418                    return false;
419            }
420    
421            private Map<Long, Boolean> _groupAdmins = new HashMap<Long, Boolean>();
422            private Map<Long, Boolean> _groupOwners = new HashMap<Long, Boolean>();
423            private List<Group> _groups;
424            private Map<Long, Boolean> _organizationAdmins =
425                    new HashMap<Long, Boolean>();
426            private Map<Long, Boolean> _organizationOwners =
427                    new HashMap<Long, Boolean>();
428            private long[] _roleIds;
429            private List<Role> _roles;
430            private List<Group> _userGroups;
431            private long _userId;
432            private List<Group> _userOrgGroups;
433            private List<Organization> _userOrgs;
434            private List<Group> _userUserGroupGroups;
435    
436    }