001
014
015 package com.liferay.portlet.documentlibrary.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.portlet.PortletProvider;
019 import com.liferay.portal.kernel.portlet.PortletProviderUtil;
020 import com.liferay.portal.kernel.repository.model.Folder;
021 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
022 import com.liferay.portal.security.auth.PrincipalException;
023 import com.liferay.portal.security.permission.ActionKeys;
024 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
025 import com.liferay.portal.security.permission.PermissionChecker;
026 import com.liferay.portal.util.PropsValues;
027 import com.liferay.portlet.documentlibrary.exception.NoSuchFolderException;
028 import com.liferay.portlet.documentlibrary.model.DLFolder;
029 import com.liferay.portlet.documentlibrary.model.DLFolderConstants;
030 import com.liferay.portlet.documentlibrary.service.DLAppLocalServiceUtil;
031 import com.liferay.portlet.documentlibrary.service.DLFolderLocalServiceUtil;
032 import com.liferay.portlet.exportimport.staging.permission.StagingPermissionUtil;
033
034
037 @OSGiBeanProperties(
038 property = {
039 "model.class.name=com.liferay.portlet.documentlibrary.model.DLFolder"
040 }
041 )
042 public class DLFolderPermission implements BaseModelPermissionChecker {
043
044 public static void check(
045 PermissionChecker permissionChecker, DLFolder dlFolder,
046 String actionId)
047 throws PortalException {
048
049 if (!contains(permissionChecker, dlFolder, actionId)) {
050 throw new PrincipalException.MustHavePermission(
051 permissionChecker, DLFolder.class.getName(),
052 dlFolder.getFolderId(), actionId);
053 }
054 }
055
056 public static void check(
057 PermissionChecker permissionChecker, Folder folder, String actionId)
058 throws PortalException {
059
060 if (!folder.containsPermission(permissionChecker, actionId)) {
061 throw new PrincipalException.MustHavePermission(
062 permissionChecker, Folder.class.getName(), folder.getFolderId(),
063 actionId);
064 }
065 }
066
067 public static void check(
068 PermissionChecker permissionChecker, long groupId, long folderId,
069 String actionId)
070 throws PortalException {
071
072 if (!contains(permissionChecker, groupId, folderId, actionId)) {
073 throw new PrincipalException.MustHavePermission(
074 permissionChecker, Folder.class.getName(), folderId, actionId);
075 }
076 }
077
078 public static boolean contains(
079 PermissionChecker permissionChecker, DLFolder dlFolder,
080 String actionId)
081 throws PortalException {
082
083 if (actionId.equals(ActionKeys.ADD_FOLDER)) {
084 actionId = ActionKeys.ADD_SUBFOLDER;
085 }
086
087 String portletId = PortletProviderUtil.getPortletId(
088 Folder.class.getName(), PortletProvider.Action.EDIT);
089
090 Boolean hasPermission = StagingPermissionUtil.hasPermission(
091 permissionChecker, dlFolder.getGroupId(), DLFolder.class.getName(),
092 dlFolder.getFolderId(), portletId, actionId);
093
094 if (hasPermission != null) {
095 return hasPermission.booleanValue();
096 }
097
098 if (actionId.equals(ActionKeys.VIEW) &&
099 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
100
101 try {
102 long dlFolderId = dlFolder.getFolderId();
103
104 while (dlFolderId !=
105 DLFolderConstants.DEFAULT_PARENT_FOLDER_ID) {
106
107 dlFolder = DLFolderLocalServiceUtil.getFolder(dlFolderId);
108
109 if (!_hasPermission(
110 permissionChecker, dlFolder, actionId)) {
111
112 return false;
113 }
114
115 dlFolderId = dlFolder.getParentFolderId();
116 }
117 }
118 catch (NoSuchFolderException nsfe) {
119 if (!dlFolder.isInTrash()) {
120 throw nsfe;
121 }
122 }
123
124 return DLPermission.contains(
125 permissionChecker, dlFolder.getGroupId(), actionId);
126 }
127
128 return _hasPermission(permissionChecker, dlFolder, actionId);
129 }
130
131 public static boolean contains(
132 PermissionChecker permissionChecker, Folder folder, String actionId)
133 throws PortalException {
134
135 return folder.containsPermission(permissionChecker, actionId);
136 }
137
138 public static boolean contains(
139 PermissionChecker permissionChecker, long groupId, long folderId,
140 String actionId)
141 throws PortalException {
142
143 if (folderId == DLFolderConstants.DEFAULT_PARENT_FOLDER_ID) {
144
145
146
147
148 if (actionId.equals(ActionKeys.ACCESS) ||
149 actionId.equals(ActionKeys.ADD_SUBFOLDER) ||
150 actionId.equals(ActionKeys.DELETE)) {
151
152 return false;
153 }
154
155 return DLPermission.contains(permissionChecker, groupId, actionId);
156 }
157
158 Folder folder = DLAppLocalServiceUtil.getFolder(folderId);
159
160 return folder.containsPermission(permissionChecker, actionId);
161 }
162
163 @Override
164 public void checkBaseModel(
165 PermissionChecker permissionChecker, long groupId, long primaryKey,
166 String actionId)
167 throws PortalException {
168
169 check(permissionChecker, groupId, primaryKey, actionId);
170 }
171
172 private static boolean _hasPermission(
173 PermissionChecker permissionChecker, DLFolder dlFolder,
174 String actionId) {
175
176 if (permissionChecker.hasOwnerPermission(
177 dlFolder.getCompanyId(), DLFolder.class.getName(),
178 dlFolder.getFolderId(), dlFolder.getUserId(), actionId) ||
179 permissionChecker.hasPermission(
180 dlFolder.getGroupId(), DLFolder.class.getName(),
181 dlFolder.getFolderId(), actionId)) {
182
183 return true;
184 }
185
186 return false;
187 }
188
189 }