001
014
015 package com.liferay.portlet.documentlibrary.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.portlet.PortletProvider;
019 import com.liferay.portal.kernel.portlet.PortletProviderUtil;
020 import com.liferay.portal.kernel.repository.model.FileEntry;
021 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
022 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
023 import com.liferay.portal.security.auth.PrincipalException;
024 import com.liferay.portal.security.permission.ActionKeys;
025 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
026 import com.liferay.portal.security.permission.PermissionChecker;
027 import com.liferay.portal.util.PropsValues;
028 import com.liferay.portlet.documentlibrary.exception.NoSuchFolderException;
029 import com.liferay.portlet.documentlibrary.model.DLFileEntry;
030 import com.liferay.portlet.documentlibrary.model.DLFileVersion;
031 import com.liferay.portlet.documentlibrary.model.DLFolder;
032 import com.liferay.portlet.documentlibrary.model.DLFolderConstants;
033 import com.liferay.portlet.documentlibrary.service.DLAppLocalServiceUtil;
034 import com.liferay.portlet.documentlibrary.service.DLFolderLocalServiceUtil;
035 import com.liferay.portlet.exportimport.staging.permission.StagingPermissionUtil;
036
037
041 @OSGiBeanProperties(
042 property = {
043 "model.class.name=com.liferay.portlet.documentlibrary.model.DLFileEntry"
044 }
045 )
046 public class DLFileEntryPermission implements BaseModelPermissionChecker {
047
048 public static void check(
049 PermissionChecker permissionChecker, DLFileEntry dlFileEntry,
050 String actionId)
051 throws PortalException {
052
053 if (!contains(permissionChecker, dlFileEntry, actionId)) {
054 throw new PrincipalException.MustHavePermission(
055 permissionChecker, DLFileEntry.class.getName(),
056 dlFileEntry.getFileEntryId(), actionId);
057 }
058 }
059
060 public static void check(
061 PermissionChecker permissionChecker, FileEntry fileEntry,
062 String actionId)
063 throws PortalException {
064
065 if (!fileEntry.containsPermission(permissionChecker, actionId)) {
066 throw new PrincipalException.MustHavePermission(
067 permissionChecker, FileEntry.class.getName(),
068 fileEntry.getFileEntryId(), actionId);
069 }
070 }
071
072 public static void check(
073 PermissionChecker permissionChecker, long fileEntryId,
074 String actionId)
075 throws PortalException {
076
077 if (!contains(permissionChecker, fileEntryId, actionId)) {
078 throw new PrincipalException.MustHavePermission(
079 permissionChecker, FileEntry.class.getName(), fileEntryId,
080 actionId);
081 }
082 }
083
084 public static boolean contains(
085 PermissionChecker permissionChecker, DLFileEntry dlFileEntry,
086 String actionId)
087 throws PortalException {
088
089 String portletId = PortletProviderUtil.getPortletId(
090 FileEntry.class.getName(), PortletProvider.Action.EDIT);
091
092 Boolean hasPermission = StagingPermissionUtil.hasPermission(
093 permissionChecker, dlFileEntry.getGroupId(),
094 DLFileEntry.class.getName(), dlFileEntry.getFileEntryId(),
095 portletId, actionId);
096
097 if (hasPermission != null) {
098 return hasPermission.booleanValue();
099 }
100
101 DLFileVersion latestDLFileVersion = dlFileEntry.getLatestFileVersion(
102 true);
103
104 if (latestDLFileVersion.isPending()) {
105 hasPermission = WorkflowPermissionUtil.hasPermission(
106 permissionChecker, dlFileEntry.getGroupId(),
107 DLFileEntry.class.getName(), dlFileEntry.getFileEntryId(),
108 actionId);
109
110 if (hasPermission != null) {
111 return hasPermission.booleanValue();
112 }
113 }
114
115 if (actionId.equals(ActionKeys.VIEW) &&
116 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
117
118 long dlFolderId = dlFileEntry.getFolderId();
119
120 if (dlFolderId == DLFolderConstants.DEFAULT_PARENT_FOLDER_ID) {
121 if (!DLPermission.contains(
122 permissionChecker, dlFileEntry.getGroupId(),
123 actionId)) {
124
125 return false;
126 }
127 }
128 else {
129 try {
130 DLFolder dlFolder = DLFolderLocalServiceUtil.getFolder(
131 dlFolderId);
132
133 if (!DLFolderPermission.contains(
134 permissionChecker, dlFolder, ActionKeys.ACCESS) &&
135 !DLFolderPermission.contains(
136 permissionChecker, dlFolder, ActionKeys.VIEW)) {
137
138 return false;
139 }
140 }
141 catch (NoSuchFolderException nsfe) {
142 if (!dlFileEntry.isInTrash()) {
143 throw nsfe;
144 }
145 }
146 }
147 }
148
149 if (permissionChecker.hasOwnerPermission(
150 dlFileEntry.getCompanyId(), DLFileEntry.class.getName(),
151 dlFileEntry.getFileEntryId(), dlFileEntry.getUserId(),
152 actionId)) {
153
154 return true;
155 }
156
157 return permissionChecker.hasPermission(
158 dlFileEntry.getGroupId(), DLFileEntry.class.getName(),
159 dlFileEntry.getFileEntryId(), actionId);
160 }
161
162 public static boolean contains(
163 PermissionChecker permissionChecker, FileEntry fileEntry,
164 String actionId)
165 throws PortalException {
166
167 return fileEntry.containsPermission(permissionChecker, actionId);
168 }
169
170 public static boolean contains(
171 PermissionChecker permissionChecker, long fileEntryId,
172 String actionId)
173 throws PortalException {
174
175 FileEntry fileEntry = DLAppLocalServiceUtil.getFileEntry(fileEntryId);
176
177 return fileEntry.containsPermission(permissionChecker, actionId);
178 }
179
180 @Override
181 public void checkBaseModel(
182 PermissionChecker permissionChecker, long groupId, long primaryKey,
183 String actionId)
184 throws PortalException {
185
186 check(permissionChecker, primaryKey, actionId);
187 }
188
189 }