001
014
015 package com.liferay.portlet.messageboards.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.portlet.PortletProvider;
019 import com.liferay.portal.kernel.portlet.PortletProviderUtil;
020 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
021 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
022 import com.liferay.portal.security.auth.PrincipalException;
023 import com.liferay.portal.security.permission.ActionKeys;
024 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
025 import com.liferay.portal.security.permission.PermissionChecker;
026 import com.liferay.portal.util.PropsValues;
027 import com.liferay.portlet.exportimport.staging.permission.StagingPermissionUtil;
028 import com.liferay.portlet.messageboards.exception.NoSuchCategoryException;
029 import com.liferay.portlet.messageboards.model.MBCategory;
030 import com.liferay.portlet.messageboards.model.MBCategoryConstants;
031 import com.liferay.portlet.messageboards.model.MBMessage;
032 import com.liferay.portlet.messageboards.model.MBThread;
033 import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
034 import com.liferay.portlet.messageboards.service.MBCategoryLocalServiceUtil;
035 import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
036 import com.liferay.portlet.messageboards.service.MBThreadLocalServiceUtil;
037
038
041 @OSGiBeanProperties(
042 property = {
043 "model.class.name=com.liferay.portlet.messageboards.model.MBMessage"
044 }
045 )
046 public class MBMessagePermission implements BaseModelPermissionChecker {
047
048 public static void check(
049 PermissionChecker permissionChecker, long messageId,
050 String actionId)
051 throws PortalException {
052
053 if (!contains(permissionChecker, messageId, actionId)) {
054 throw new PrincipalException.MustHavePermission(
055 permissionChecker, MBMessage.class.getName(), messageId,
056 actionId);
057 }
058 }
059
060 public static void check(
061 PermissionChecker permissionChecker, MBMessage message,
062 String actionId)
063 throws PortalException {
064
065 if (!contains(permissionChecker, message, actionId)) {
066 throw new PrincipalException.MustHavePermission(
067 permissionChecker, MBMessage.class.getName(),
068 message.getMessageId(), actionId);
069 }
070 }
071
072 public static boolean contains(
073 PermissionChecker permissionChecker, long classPK, String actionId)
074 throws PortalException {
075
076 MBThread mbThread = MBThreadLocalServiceUtil.fetchThread(classPK);
077
078 MBMessage message = null;
079
080 if (mbThread == null) {
081 message = MBMessageLocalServiceUtil.getMessage(classPK);
082 }
083 else {
084 message = MBMessageLocalServiceUtil.getMessage(
085 mbThread.getRootMessageId());
086 }
087
088 return contains(permissionChecker, message, actionId);
089 }
090
091 public static boolean contains(
092 PermissionChecker permissionChecker, MBMessage message,
093 String actionId)
094 throws PortalException {
095
096 if (MBBanLocalServiceUtil.hasBan(
097 message.getGroupId(), permissionChecker.getUserId())) {
098
099 return false;
100 }
101
102 String portletId = PortletProviderUtil.getPortletId(
103 MBMessage.class.getName(), PortletProvider.Action.EDIT);
104
105 Boolean hasPermission = StagingPermissionUtil.hasPermission(
106 permissionChecker, message.getGroupId(), MBMessage.class.getName(),
107 message.getMessageId(), portletId, actionId);
108
109 if (hasPermission != null) {
110 return hasPermission.booleanValue();
111 }
112
113 if (message.isDraft() || message.isScheduled()) {
114 if (actionId.equals(ActionKeys.VIEW) &&
115 !contains(permissionChecker, message, ActionKeys.UPDATE)) {
116
117 return false;
118 }
119 }
120 else if (message.isPending()) {
121 hasPermission = WorkflowPermissionUtil.hasPermission(
122 permissionChecker, message.getGroupId(),
123 message.getWorkflowClassName(), message.getMessageId(),
124 actionId);
125
126 if (hasPermission != null) {
127 return hasPermission.booleanValue();
128 }
129 }
130
131 if (actionId.equals(ActionKeys.VIEW) &&
132 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
133
134 long categoryId = message.getCategoryId();
135
136 if ((categoryId ==
137 MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) ||
138 (categoryId == MBCategoryConstants.DISCUSSION_CATEGORY_ID)) {
139
140 if (!MBPermission.contains(
141 permissionChecker, message.getGroupId(), actionId)) {
142
143 return false;
144 }
145 }
146 else {
147 try {
148 MBCategory category =
149 MBCategoryLocalServiceUtil.getCategory(categoryId);
150
151 if (!MBCategoryPermission.contains(
152 permissionChecker, category, actionId)) {
153
154 return false;
155 }
156 }
157 catch (NoSuchCategoryException nsce) {
158 if (!message.isInTrash()) {
159 throw nsce;
160 }
161 }
162 }
163 }
164
165 if (permissionChecker.hasOwnerPermission(
166 message.getCompanyId(), MBMessage.class.getName(),
167 message.getRootMessageId(), message.getUserId(), actionId)) {
168
169 return true;
170 }
171
172 return permissionChecker.hasPermission(
173 message.getGroupId(), MBMessage.class.getName(),
174 message.getMessageId(), actionId);
175 }
176
177 @Override
178 public void checkBaseModel(
179 PermissionChecker permissionChecker, long groupId, long primaryKey,
180 String actionId)
181 throws PortalException {
182
183 check(permissionChecker, primaryKey, actionId);
184 }
185
186 }