001 /** 002 * Copyright (c) 2000-present Liferay, Inc. All rights reserved. 003 * 004 * This library is free software; you can redistribute it and/or modify it under 005 * the terms of the GNU Lesser General Public License as published by the Free 006 * Software Foundation; either version 2.1 of the License, or (at your option) 007 * any later version. 008 * 009 * This library is distributed in the hope that it will be useful, but WITHOUT 010 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 011 * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more 012 * details. 013 */ 014 015 package com.liferay.portal.model.impl; 016 017 import com.liferay.portal.model.ResourceAction; 018 019 /** 020 * Stores the actions a role has permission to perform on all resources of the 021 * type within the group/company. 022 * 023 * <p> 024 * Resource type permissions can exist at either company or group scope. They 025 * are roughly equivalent to resource permissions with company, group, or 026 * group-template scope. However, resource type permissions make no distinction 027 * between company and group-template scope, storing both as company scope 028 * permissions. The reason for this simplification is that regular roles cannot 029 * have group-template scope permissions, and site/organization roles can only 030 * have group-template scope permissions. Therefore, resource type permissions 031 * depend on the type of their associated role to distinguish between the two 032 * scopes. 033 * </p> 034 * 035 * <p> 036 * Do not confuse resource type permissions with resource block permissions; 037 * they serve very different purposes. Resource block permissions store the 038 * permissions on a single resource block, and are simply a representation of 039 * who can do what to the resources within the block. Resource type permissions 040 * grant permissions to perform actions on all resources of a type within a 041 * group or company. Any permissions granted to a role with a resource type 042 * permission are automatically added to all the resource blocks for that 043 * resource type within the group/company. 044 * </p> 045 * 046 * <p> 047 * For example, if a company scope resource type permission is granted to a role 048 * to edit blog entries, all the resource blocks within the company for blog 049 * entries are modified to grant the role permission to edit the blog entries 050 * they contain. Thus, granting and revoking resource type permissions will also 051 * cause those same permissions to be granted/revoked at the resource block 052 * permission level. 053 * </p> 054 * 055 * <p> 056 * Copying permissions from the company and group scope to the resource block 057 * scope eliminates the need to check multiple scopes when determining if a role 058 * has permission to perform an action on a resource. All the necessary 059 * information is cached at the most granular level. 060 * </p> 061 * 062 * <p> 063 * Rather than using a separate "scope" attribute as {@linkplain 064 * ResourcePermissionImpl resource permissions} do, company scope resource type 065 * permissions simply have a <code>groupId</code> of <code>0</code> 066 * </p> 067 * 068 * <p> 069 * The type of resource the permission grants access to is specified by the 070 * <code>name</code> attribute, which must be the fully qualified class name of 071 * a model (such as a blog entry). 072 * </p> 073 * 074 * <p> 075 * The <code>actionIds</code> attribute stores the bitwise IDs of all the 076 * actions allowed by this permission. 077 * </p> 078 * 079 * @author Connor McKay 080 */ 081 public class ResourceTypePermissionImpl extends ResourceTypePermissionBaseImpl { 082 083 @Override 084 public boolean hasAction(ResourceAction resourceAction) { 085 if ((resourceAction != null) && 086 ((getActionIds() & resourceAction.getBitwiseValue()) != 0)) { 087 088 return true; 089 } 090 091 return false; 092 } 093 094 @Override 095 public boolean isCompanyScope() { 096 if (getGroupId() == 0) { 097 return true; 098 } 099 else { 100 return false; 101 } 102 } 103 104 @Override 105 public boolean isGroupScope() { 106 return !isCompanyScope(); 107 } 108 109 }