001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.model.Group;
019    import com.liferay.portal.model.Role;
020    import com.liferay.portal.model.RoleConstants;
021    import com.liferay.portal.model.UserGroupRole;
022    import com.liferay.portal.security.membershippolicy.OrganizationMembershipPolicyUtil;
023    import com.liferay.portal.security.membershippolicy.SiteMembershipPolicyUtil;
024    import com.liferay.portal.service.base.UserGroupRoleServiceBaseImpl;
025    import com.liferay.portal.service.permission.UserGroupRolePermissionUtil;
026    import com.liferay.portal.service.persistence.UserGroupRolePK;
027    
028    import java.util.ArrayList;
029    import java.util.List;
030    
031    /**
032     * @author Brian Wing Shun Chan
033     */
034    public class UserGroupRoleServiceImpl extends UserGroupRoleServiceBaseImpl {
035    
036            @Override
037            public void addUserGroupRoles(long userId, long groupId, long[] roleIds)
038                    throws PortalException {
039    
040                    List<UserGroupRole> organizationUserGroupRoles = new ArrayList<>();
041                    List<UserGroupRole> siteUserGroupRoles = new ArrayList<>();
042    
043                    Group group = groupLocalService.getGroup(groupId);
044    
045                    for (long roleId : roleIds) {
046                            Role role = rolePersistence.findByPrimaryKey(roleId);
047    
048                            UserGroupRolePermissionUtil.check(
049                                    getPermissionChecker(), group, role);
050    
051                            UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
052                                    userId, groupId, roleId);
053    
054                            UserGroupRole userGroupRole = userGroupRolePersistence.create(
055                                    userGroupRolePK);
056    
057                            if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
058                                    organizationUserGroupRoles.add(userGroupRole);
059                            }
060                            else if (role.getType() == RoleConstants.TYPE_SITE) {
061                                    siteUserGroupRoles.add(userGroupRole);
062                            }
063                    }
064    
065                    if (!siteUserGroupRoles.isEmpty()) {
066                            SiteMembershipPolicyUtil.checkRoles(siteUserGroupRoles, null);
067                    }
068    
069                    if (!organizationUserGroupRoles.isEmpty()) {
070                            OrganizationMembershipPolicyUtil.checkRoles(
071                                    organizationUserGroupRoles, null);
072                    }
073    
074                    userGroupRoleLocalService.addUserGroupRoles(userId, groupId, roleIds);
075    
076                    if (!siteUserGroupRoles.isEmpty()) {
077                            SiteMembershipPolicyUtil.propagateRoles(siteUserGroupRoles, null);
078                    }
079    
080                    if (!organizationUserGroupRoles.isEmpty()) {
081                            OrganizationMembershipPolicyUtil.propagateRoles(
082                                    organizationUserGroupRoles, null);
083                    }
084            }
085    
086            @Override
087            public void addUserGroupRoles(long[] userIds, long groupId, long roleId)
088                    throws PortalException {
089    
090                    UserGroupRolePermissionUtil.check(
091                            getPermissionChecker(), groupId, roleId);
092    
093                    List<UserGroupRole> userGroupRoles = new ArrayList<>();
094    
095                    for (long userId : userIds) {
096                            UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
097                                    userId, groupId, roleId);
098    
099                            UserGroupRole userGroupRole = userGroupRolePersistence.create(
100                                    userGroupRolePK);
101    
102                            userGroupRoles.add(userGroupRole);
103                    }
104    
105                    if (userGroupRoles.isEmpty()) {
106                            return;
107                    }
108    
109                    Role role = rolePersistence.findByPrimaryKey(roleId);
110    
111                    if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
112                            OrganizationMembershipPolicyUtil.checkRoles(userGroupRoles, null);
113                    }
114                    else if (role.getType() == RoleConstants.TYPE_SITE) {
115                            SiteMembershipPolicyUtil.checkRoles(userGroupRoles, null);
116                    }
117    
118                    userGroupRoleLocalService.addUserGroupRoles(userIds, groupId, roleId);
119    
120                    if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
121                            OrganizationMembershipPolicyUtil.propagateRoles(
122                                    userGroupRoles, null);
123                    }
124                    else if (role.getType() == RoleConstants.TYPE_SITE) {
125                            SiteMembershipPolicyUtil.propagateRoles(userGroupRoles, null);
126                    }
127            }
128    
129            @Override
130            public void deleteUserGroupRoles(long userId, long groupId, long[] roleIds)
131                    throws PortalException {
132    
133                    List<UserGroupRole> filteredOrganizationUserGroupRoles =
134                            new ArrayList<>();
135                    List<UserGroupRole> filteredSiteUserGroupRoles = new ArrayList<>();
136    
137                    Group group = groupLocalService.getGroup(groupId);
138    
139                    for (long roleId : roleIds) {
140                            Role role = roleLocalService.getRole(roleId);
141    
142                            UserGroupRolePermissionUtil.check(
143                                    getPermissionChecker(), group, role);
144    
145                            UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
146                                    userId, groupId, roleId);
147    
148                            UserGroupRole userGroupRole = userGroupRolePersistence.create(
149                                    userGroupRolePK);
150    
151                            if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
152                                    if (!OrganizationMembershipPolicyUtil.isRoleProtected(
153                                                    getPermissionChecker(), userId,
154                                                    group.getOrganizationId(), roleId)) {
155    
156                                            filteredOrganizationUserGroupRoles.add(userGroupRole);
157                                    }
158                            }
159                            else if ((role.getType() == RoleConstants.TYPE_SITE) &&
160                                             !SiteMembershipPolicyUtil.isRoleProtected(
161                                                     getPermissionChecker(), userId, groupId, roleId)) {
162    
163                                    filteredSiteUserGroupRoles.add(userGroupRole);
164                            }
165                    }
166    
167                    if (filteredOrganizationUserGroupRoles.isEmpty() &&
168                            filteredSiteUserGroupRoles.isEmpty()) {
169    
170                            return;
171                    }
172    
173                    if (!filteredOrganizationUserGroupRoles.isEmpty()) {
174                            OrganizationMembershipPolicyUtil.checkRoles(
175                                    null, filteredOrganizationUserGroupRoles);
176                    }
177    
178                    if (!filteredSiteUserGroupRoles.isEmpty()) {
179                            SiteMembershipPolicyUtil.checkRoles(
180                                    null, filteredSiteUserGroupRoles);
181                    }
182    
183                    userGroupRoleLocalService.deleteUserGroupRoles(
184                            userId, groupId, roleIds);
185    
186                    if (!filteredOrganizationUserGroupRoles.isEmpty()) {
187                            OrganizationMembershipPolicyUtil.propagateRoles(
188                                    null, filteredOrganizationUserGroupRoles);
189                    }
190    
191                    if (!filteredSiteUserGroupRoles.isEmpty()) {
192                            SiteMembershipPolicyUtil.propagateRoles(
193                                    null, filteredSiteUserGroupRoles);
194                    }
195            }
196    
197            @Override
198            public void deleteUserGroupRoles(long[] userIds, long groupId, long roleId)
199                    throws PortalException {
200    
201                    UserGroupRolePermissionUtil.check(
202                            getPermissionChecker(), groupId, roleId);
203    
204                    List<UserGroupRole> filteredUserGroupRoles = new ArrayList<>();
205    
206                    Role role = rolePersistence.findByPrimaryKey(roleId);
207    
208                    for (long userId : userIds) {
209                            UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
210                                    userId, groupId, roleId);
211    
212                            UserGroupRole userGroupRole = userGroupRolePersistence.create(
213                                    userGroupRolePK);
214    
215                            if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
216                                    Group group = groupPersistence.findByPrimaryKey(groupId);
217    
218                                    if (!OrganizationMembershipPolicyUtil.isRoleProtected(
219                                                    getPermissionChecker(), userId,
220                                                    group.getOrganizationId(), roleId)) {
221    
222                                            filteredUserGroupRoles.add(userGroupRole);
223                                    }
224                            }
225                            else if ((role.getType() == RoleConstants.TYPE_SITE) &&
226                                             !SiteMembershipPolicyUtil.isRoleProtected(
227                                                     getPermissionChecker(), userId, groupId, roleId)) {
228    
229                                    filteredUserGroupRoles.add(userGroupRole);
230                            }
231                    }
232    
233                    if (filteredUserGroupRoles.isEmpty()) {
234                            return;
235                    }
236    
237                    if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
238                            OrganizationMembershipPolicyUtil.checkRoles(
239                                    null, filteredUserGroupRoles);
240                    }
241                    else if (role.getType() == RoleConstants.TYPE_SITE) {
242                            SiteMembershipPolicyUtil.checkRoles(null, filteredUserGroupRoles);
243                    }
244    
245                    userGroupRoleLocalService.deleteUserGroupRoles(
246                            userIds, groupId, roleId);
247    
248                    if (role.getType() == RoleConstants.TYPE_SITE) {
249                            SiteMembershipPolicyUtil.propagateRoles(
250                                    null, filteredUserGroupRoles);
251                    }
252                    else if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
253                            OrganizationMembershipPolicyUtil.propagateRoles(
254                                    null, filteredUserGroupRoles);
255                    }
256            }
257    
258    }