001
014
015 package com.liferay.portal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.util.ArrayUtil;
020 import com.liferay.portal.model.Group;
021 import com.liferay.portal.model.Organization;
022 import com.liferay.portal.model.OrganizationConstants;
023 import com.liferay.portal.security.auth.PrincipalException;
024 import com.liferay.portal.security.permission.ActionKeys;
025 import com.liferay.portal.security.permission.PermissionChecker;
026 import com.liferay.portal.service.OrganizationLocalServiceUtil;
027
028
033 public class OrganizationPermissionImpl implements OrganizationPermission {
034
035 @Override
036 public void check(
037 PermissionChecker permissionChecker, long organizationId,
038 String actionId)
039 throws PortalException, SystemException {
040
041 if (!contains(permissionChecker, organizationId, actionId)) {
042 throw new PrincipalException();
043 }
044 }
045
046 @Override
047 public void check(
048 PermissionChecker permissionChecker, Organization organization,
049 String actionId)
050 throws PortalException, SystemException {
051
052 if (!contains(permissionChecker, organization, actionId)) {
053 throw new PrincipalException();
054 }
055 }
056
057 @Override
058 public boolean contains(
059 PermissionChecker permissionChecker, long organizationId,
060 String actionId)
061 throws PortalException, SystemException {
062
063 if (organizationId > 0) {
064 Organization organization =
065 OrganizationLocalServiceUtil.getOrganization(organizationId);
066
067 return contains(permissionChecker, organization, actionId);
068 }
069 else {
070 return false;
071 }
072 }
073
074 @Override
075 public boolean contains(
076 PermissionChecker permissionChecker, long[] organizationIds,
077 String actionId)
078 throws PortalException, SystemException {
079
080 if (ArrayUtil.isEmpty(organizationIds)) {
081 return true;
082 }
083
084 for (long organizationId : organizationIds) {
085 check(permissionChecker, organizationId, actionId);
086 }
087
088 return true;
089 }
090
091 @Override
092 public boolean contains(
093 PermissionChecker permissionChecker, Organization organization,
094 String actionId)
095 throws PortalException, SystemException {
096
097 Group group = organization.getGroup();
098
099 long groupId = group.getGroupId();
100
101 if (contains(permissionChecker, groupId, organization, actionId)) {
102 return true;
103 }
104
105 while (!organization.isRoot()) {
106 Organization parentOrganization =
107 organization.getParentOrganization();
108
109 Group parentGroup = parentOrganization.getGroup();
110
111 groupId = parentGroup.getGroupId();
112
113 if (contains(
114 permissionChecker, groupId, parentOrganization,
115 ActionKeys.MANAGE_SUBORGANIZATIONS)) {
116
117 return true;
118 }
119
120 organization = parentOrganization;
121 }
122
123 return false;
124 }
125
126 protected boolean contains(
127 PermissionChecker permissionChecker, long groupId,
128 Organization organization, String actionId)
129 throws PortalException, SystemException {
130
131 while ((organization != null) &&
132 (organization.getOrganizationId() !=
133 OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID)) {
134
135 if (actionId.equals(ActionKeys.ADD_ORGANIZATION) &&
136 permissionChecker.hasPermission(
137 groupId, Organization.class.getName(),
138 organization.getOrganizationId(),
139 ActionKeys.MANAGE_SUBORGANIZATIONS) ||
140 PortalPermissionUtil.contains(
141 permissionChecker, ActionKeys.ADD_ORGANIZATION)) {
142
143 return true;
144 }
145 else if (permissionChecker.hasPermission(
146 groupId, Organization.class.getName(),
147 organization.getOrganizationId(), actionId)) {
148
149 return true;
150 }
151
152 organization = organization.getParentOrganization();
153 }
154
155 return false;
156 }
157
158 }