001
014
015 package com.liferay.portal.security.membershippolicy;
016
017 import com.liferay.portal.kernel.dao.orm.ActionableDynamicQuery;
018 import com.liferay.portal.kernel.dao.orm.DynamicQuery;
019 import com.liferay.portal.kernel.dao.orm.Property;
020 import com.liferay.portal.kernel.dao.orm.PropertyFactoryUtil;
021 import com.liferay.portal.kernel.exception.PortalException;
022 import com.liferay.portal.model.Group;
023 import com.liferay.portal.model.Role;
024 import com.liferay.portal.model.RoleConstants;
025 import com.liferay.portal.model.UserGroupRole;
026 import com.liferay.portal.security.permission.PermissionChecker;
027 import com.liferay.portal.service.GroupLocalServiceUtil;
028 import com.liferay.portal.service.RoleLocalServiceUtil;
029 import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
030 import com.liferay.portal.service.persistence.UserGroupRolePK;
031
032 import java.io.Serializable;
033
034 import java.util.ArrayList;
035 import java.util.List;
036 import java.util.Map;
037
038
042 public abstract class BaseSiteMembershipPolicy implements SiteMembershipPolicy {
043
044 @Override
045 @SuppressWarnings("unused")
046 public void checkRoles(
047 List<UserGroupRole> addUserGroupRoles,
048 List<UserGroupRole> removeUserGroupRoles)
049 throws PortalException {
050 }
051
052 @Override
053 @SuppressWarnings("unused")
054 public boolean isMembershipAllowed(long userId, long groupId)
055 throws PortalException {
056
057 try {
058 checkMembership(new long[] {userId}, new long[] {groupId}, null);
059 }
060 catch (Exception e) {
061 return false;
062 }
063
064 return true;
065 }
066
067 @Override
068 public boolean isMembershipProtected(
069 PermissionChecker permissionChecker, long userId, long groupId)
070 throws PortalException {
071
072 if (permissionChecker.isGroupOwner(groupId)) {
073 return false;
074 }
075
076 Role siteAdministratorRole = RoleLocalServiceUtil.getRole(
077 permissionChecker.getCompanyId(), RoleConstants.SITE_ADMINISTRATOR);
078
079 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
080 userId, groupId, siteAdministratorRole.getRoleId())) {
081
082 return true;
083 }
084
085 Role siteOwnerRole = RoleLocalServiceUtil.getRole(
086 permissionChecker.getCompanyId(), RoleConstants.SITE_OWNER);
087
088 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
089 userId, groupId, siteOwnerRole.getRoleId())) {
090
091 return true;
092 }
093
094 return false;
095 }
096
097 @Override
098 @SuppressWarnings("unused")
099 public boolean isMembershipRequired(long userId, long groupId)
100 throws PortalException {
101
102 try {
103 checkMembership(new long[] {userId}, null, new long[] {groupId});
104 }
105 catch (Exception e) {
106 return true;
107 }
108
109 return false;
110 }
111
112 @Override
113 @SuppressWarnings("unused")
114 public boolean isRoleAllowed(long userId, long groupId, long roleId)
115 throws PortalException {
116
117 List<UserGroupRole> userGroupRoles = new ArrayList<>();
118
119 UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
120 userId, groupId, roleId);
121
122 UserGroupRole userGroupRole =
123 UserGroupRoleLocalServiceUtil.createUserGroupRole(userGroupRolePK);
124
125 userGroupRoles.add(userGroupRole);
126
127 try {
128 checkRoles(userGroupRoles, null);
129 }
130 catch (Exception e) {
131 return false;
132 }
133
134 return true;
135 }
136
137 @Override
138 public boolean isRoleProtected(
139 PermissionChecker permissionChecker, long userId, long groupId,
140 long roleId)
141 throws PortalException {
142
143 if (permissionChecker.isGroupOwner(groupId)) {
144 return false;
145 }
146
147 Role role = RoleLocalServiceUtil.getRole(roleId);
148
149 String roleName = role.getName();
150
151 if (!roleName.equals(RoleConstants.SITE_ADMINISTRATOR) &&
152 !roleName.equals(RoleConstants.SITE_OWNER)) {
153
154 return false;
155 }
156
157 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
158 userId, groupId, roleId)) {
159
160 return true;
161 }
162
163 return false;
164 }
165
166 @Override
167 public boolean isRoleRequired(long userId, long groupId, long roleId) {
168 List<UserGroupRole> userGroupRoles = new ArrayList<>();
169
170 UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
171 userId, groupId, roleId);
172
173 UserGroupRole userGroupRole =
174 UserGroupRoleLocalServiceUtil.createUserGroupRole(userGroupRolePK);
175
176 userGroupRoles.add(userGroupRole);
177
178 try {
179 checkRoles(null, userGroupRoles);
180 }
181 catch (Exception e) {
182 return true;
183 }
184
185 return false;
186 }
187
188 @Override
189 @SuppressWarnings("unused")
190 public void propagateRoles(
191 List<UserGroupRole> addUserGroupRoles,
192 List<UserGroupRole> removeUserGroupRoles)
193 throws PortalException {
194 }
195
196 @Override
197 public void verifyPolicy() throws PortalException {
198 ActionableDynamicQuery groupActionableDynamicQuery =
199 GroupLocalServiceUtil.getActionableDynamicQuery();
200
201 groupActionableDynamicQuery.setAddCriteriaMethod(
202 new ActionableDynamicQuery.AddCriteriaMethod() {
203
204 @Override
205 public void addCriteria(DynamicQuery dynamicQuery) {
206 Property property = PropertyFactoryUtil.forName("site");
207
208 dynamicQuery.add(property.eq(true));
209 }
210
211 });
212 groupActionableDynamicQuery.setPerformActionMethod(
213 new ActionableDynamicQuery.PerformActionMethod<Group>() {
214
215 @Override
216 public void performAction(Group group) throws PortalException {
217 verifyPolicy(group);
218
219 ActionableDynamicQuery userGroupRoleActionableDynamicQuery =
220 UserGroupRoleLocalServiceUtil.
221 getActionableDynamicQuery();
222
223 userGroupRoleActionableDynamicQuery.setGroupId(
224 group.getGroupId());
225 userGroupRoleActionableDynamicQuery.setPerformActionMethod(
226 new ActionableDynamicQuery.
227 PerformActionMethod<UserGroupRole>() {
228
229 @Override
230 public void performAction(
231 UserGroupRole userGroupRole)
232 throws PortalException {
233
234 verifyPolicy(userGroupRole.getRole());
235 }
236
237 });
238
239 userGroupRoleActionableDynamicQuery.performActions();
240 }
241
242 });
243
244 groupActionableDynamicQuery.performActions();
245 }
246
247 @Override
248 public void verifyPolicy(Group group) throws PortalException {
249 verifyPolicy(group, null, null, null, null, null);
250 }
251
252 @Override
253 public void verifyPolicy(Role role) {
254 }
255
256 @Override
257 public void verifyPolicy(
258 Role role, Role oldRole,
259 Map<String, Serializable> oldExpandoAttributes) {
260 }
261
262 }