001
014
015 package com.liferay.portlet.messageboards.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.portlet.PortletProvider;
019 import com.liferay.portal.kernel.portlet.PortletProviderUtil;
020 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
021 import com.liferay.portal.security.auth.PrincipalException;
022 import com.liferay.portal.security.permission.ActionKeys;
023 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
024 import com.liferay.portal.security.permission.PermissionChecker;
025 import com.liferay.portal.util.PropsValues;
026 import com.liferay.portlet.exportimport.staging.permission.StagingPermissionUtil;
027 import com.liferay.portlet.messageboards.exception.NoSuchCategoryException;
028 import com.liferay.portlet.messageboards.model.MBCategory;
029 import com.liferay.portlet.messageboards.model.MBCategoryConstants;
030 import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
031 import com.liferay.portlet.messageboards.service.MBCategoryLocalServiceUtil;
032
033
037 @OSGiBeanProperties(
038 property = {
039 "model.class.name=com.liferay.portlet.messageboards.model.MBCategory"
040 }
041 )
042 public class MBCategoryPermission implements BaseModelPermissionChecker {
043
044 public static void check(
045 PermissionChecker permissionChecker, long groupId, long categoryId,
046 String actionId)
047 throws PortalException {
048
049 if (!contains(permissionChecker, groupId, categoryId, actionId)) {
050 throw new PrincipalException.MustHavePermission(
051 permissionChecker, MBCategory.class.getName(), categoryId,
052 actionId);
053 }
054 }
055
056 public static void check(
057 PermissionChecker permissionChecker, long categoryId,
058 String actionId)
059 throws PortalException {
060
061 if (!contains(permissionChecker, categoryId, actionId)) {
062 throw new PrincipalException.MustHavePermission(
063 permissionChecker, MBCategory.class.getName(), categoryId,
064 actionId);
065 }
066 }
067
068 public static void check(
069 PermissionChecker permissionChecker, MBCategory category,
070 String actionId)
071 throws PortalException {
072
073 if (!contains(permissionChecker, category, actionId)) {
074 throw new PrincipalException.MustHavePermission(
075 permissionChecker, MBCategory.class.getName(),
076 category.getCategoryId(), actionId);
077 }
078 }
079
080 public static boolean contains(
081 PermissionChecker permissionChecker, long groupId, long categoryId,
082 String actionId)
083 throws PortalException {
084
085 if (MBBanLocalServiceUtil.hasBan(
086 groupId, permissionChecker.getUserId())) {
087
088 return false;
089 }
090
091 if ((categoryId == MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) ||
092 (categoryId == MBCategoryConstants.DISCUSSION_CATEGORY_ID)) {
093
094 return MBPermission.contains(permissionChecker, groupId, actionId);
095 }
096
097 MBCategory category = MBCategoryLocalServiceUtil.getCategory(
098 categoryId);
099
100 return contains(permissionChecker, category, actionId);
101 }
102
103 public static boolean contains(
104 PermissionChecker permissionChecker, long categoryId,
105 String actionId)
106 throws PortalException {
107
108 MBCategory category = MBCategoryLocalServiceUtil.getCategory(
109 categoryId);
110
111 return contains(permissionChecker, category, actionId);
112 }
113
114 public static boolean contains(
115 PermissionChecker permissionChecker, MBCategory category,
116 String actionId)
117 throws PortalException {
118
119 if (MBBanLocalServiceUtil.hasBan(
120 category.getGroupId(), permissionChecker.getUserId())) {
121
122 return false;
123 }
124
125 if (actionId.equals(ActionKeys.ADD_CATEGORY)) {
126 actionId = ActionKeys.ADD_SUBCATEGORY;
127 }
128
129 String portletId = PortletProviderUtil.getPortletId(
130 MBCategory.class.getName(), PortletProvider.Action.EDIT);
131
132 Boolean hasPermission = StagingPermissionUtil.hasPermission(
133 permissionChecker, category.getGroupId(),
134 MBCategory.class.getName(), category.getCategoryId(), portletId,
135 actionId);
136
137 if (hasPermission != null) {
138 return hasPermission.booleanValue();
139 }
140
141 if (actionId.equals(ActionKeys.VIEW) &&
142 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
143
144 try {
145 long categoryId = category.getCategoryId();
146
147 while (categoryId !=
148 MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) {
149
150 category = MBCategoryLocalServiceUtil.getCategory(
151 categoryId);
152
153 if (!_hasPermission(
154 permissionChecker, category, actionId)) {
155
156 return false;
157 }
158
159 categoryId = category.getParentCategoryId();
160 }
161 }
162 catch (NoSuchCategoryException nsce) {
163 if (!category.isInTrash()) {
164 throw nsce;
165 }
166 }
167
168 return MBPermission.contains(
169 permissionChecker, category.getGroupId(), actionId);
170 }
171
172 return _hasPermission(permissionChecker, category, actionId);
173 }
174
175 @Override
176 public void checkBaseModel(
177 PermissionChecker permissionChecker, long groupId, long primaryKey,
178 String actionId)
179 throws PortalException {
180
181 check(permissionChecker, groupId, primaryKey, actionId);
182 }
183
184 private static boolean _hasPermission(
185 PermissionChecker permissionChecker, MBCategory category,
186 String actionId) {
187
188 if (permissionChecker.hasOwnerPermission(
189 category.getCompanyId(), MBCategory.class.getName(),
190 category.getCategoryId(), category.getUserId(), actionId) ||
191 permissionChecker.hasPermission(
192 category.getGroupId(), MBCategory.class.getName(),
193 category.getCategoryId(), actionId)) {
194
195 return true;
196 }
197
198 return false;
199 }
200
201 }