001
014
015 package com.liferay.portlet.messageboards.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.portlet.PortletProvider;
019 import com.liferay.portal.kernel.portlet.PortletProviderUtil;
020 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
021 import com.liferay.portal.kernel.workflow.WorkflowInstance;
022 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
023 import com.liferay.portal.security.auth.PrincipalException;
024 import com.liferay.portal.security.permission.ActionKeys;
025 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
026 import com.liferay.portal.security.permission.BaseModelPermissionCheckerUtil;
027 import com.liferay.portal.security.permission.PermissionChecker;
028 import com.liferay.portal.security.permission.ResourceActionsUtil;
029 import com.liferay.portal.util.PortletKeys;
030 import com.liferay.portal.util.PropsValues;
031 import com.liferay.portlet.exportimport.staging.permission.StagingPermissionUtil;
032 import com.liferay.portlet.messageboards.model.MBDiscussion;
033 import com.liferay.portlet.messageboards.model.MBMessage;
034 import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
035 import com.liferay.portlet.messageboards.service.MBDiscussionLocalServiceUtil;
036 import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
037
038 import java.util.List;
039
040
045 @OSGiBeanProperties(
046 property = {
047 "model.class.name=com.liferay.portlet.messageboards.model.MBDiscussion"
048 }
049 )
050 public class MBDiscussionPermission implements BaseModelPermissionChecker {
051
052 public static void check(
053 PermissionChecker permissionChecker, long companyId, long groupId,
054 String className, long classPK, String actionId)
055 throws PortalException {
056
057 if (!contains(
058 permissionChecker, companyId, groupId, className, classPK,
059 actionId)) {
060
061 throw new PrincipalException.MustHavePermission(
062 permissionChecker, className, classPK, actionId);
063 }
064 }
065
066 public static void check(
067 PermissionChecker permissionChecker, long messageId,
068 String actionId)
069 throws PortalException {
070
071 if (!contains(permissionChecker, messageId, actionId)) {
072 throw new PrincipalException.MustHavePermission(
073 permissionChecker, MBMessage.class.getName(), messageId,
074 actionId);
075 }
076 }
077
078 public static boolean contains(
079 PermissionChecker permissionChecker, long companyId, long groupId,
080 String className, long classPK, String actionId) {
081
082 if (MBBanLocalServiceUtil.hasBan(
083 groupId, permissionChecker.getUserId())) {
084
085 return false;
086 }
087
088 String portletId = PortletProviderUtil.getPortletId(
089 MBDiscussion.class.getName(), PortletProvider.Action.EDIT);
090
091 Boolean hasPermission = StagingPermissionUtil.hasPermission(
092 permissionChecker, groupId, className, classPK, portletId,
093 actionId);
094
095 if (hasPermission != null) {
096 return hasPermission.booleanValue();
097 }
098
099 List<String> resourceActions = ResourceActionsUtil.getResourceActions(
100 className);
101
102 if (!resourceActions.contains(actionId)) {
103 return true;
104 }
105
106 MBDiscussion mbDiscussion =
107 MBDiscussionLocalServiceUtil.fetchDiscussion(className, classPK);
108
109 if (mbDiscussion == null) {
110 return false;
111 }
112
113 if ((mbDiscussion.getUserId() > 0) &&
114 permissionChecker.hasOwnerPermission(
115 companyId, className, classPK, mbDiscussion.getUserId(),
116 actionId)) {
117
118 return true;
119 }
120
121 hasPermission =
122 BaseModelPermissionCheckerUtil.containsBaseModelPermission(
123 permissionChecker, groupId, className, classPK, actionId);
124
125 if (hasPermission != null) {
126 return hasPermission.booleanValue();
127 }
128
129 return permissionChecker.hasPermission(
130 groupId, className, classPK, actionId);
131 }
132
133 public static boolean contains(
134 PermissionChecker permissionChecker, long messageId,
135 String actionId)
136 throws PortalException {
137
138 MBMessage message = MBMessageLocalServiceUtil.getMessage(messageId);
139
140 String className = message.getClassName();
141
142 if (className.equals(WorkflowInstance.class.getName())) {
143 return permissionChecker.hasPermission(
144 message.getGroupId(), PortletKeys.WORKFLOW_DEFINITION,
145 message.getGroupId(), ActionKeys.VIEW);
146 }
147
148 if (PropsValues.DISCUSSION_COMMENTS_ALWAYS_EDITABLE_BY_OWNER &&
149 (permissionChecker.getUserId() == message.getUserId())) {
150
151 return true;
152 }
153
154 if (message.isPending()) {
155 Boolean hasPermission = WorkflowPermissionUtil.hasPermission(
156 permissionChecker, message.getGroupId(),
157 message.getWorkflowClassName(), message.getMessageId(),
158 actionId);
159
160 if (hasPermission != null) {
161 return hasPermission.booleanValue();
162 }
163 }
164
165 return contains(
166 permissionChecker, message.getCompanyId(), message.getGroupId(),
167 className, message.getClassPK(), actionId);
168 }
169
170 @Override
171 public void checkBaseModel(
172 PermissionChecker permissionChecker, long groupId, long primaryKey,
173 String actionId)
174 throws PortalException {
175
176 MBDiscussion mbDiscussion =
177 MBDiscussionLocalServiceUtil.getMBDiscussion(primaryKey);
178
179 check(
180 permissionChecker, mbDiscussion.getCompanyId(), groupId,
181 mbDiscussion.getClassName(), mbDiscussion.getClassPK(), actionId);
182 }
183
184 }