001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.permission;
016    
017    import aQute.bnd.annotation.ProviderType;
018    
019    import com.liferay.portal.model.User;
020    
021    import java.util.List;
022    
023    import javax.portlet.PortletRequest;
024    
025    /**
026     * @author Brian Wing Shun Chan
027     */
028    @ProviderType
029    public interface PermissionChecker extends Cloneable {
030    
031            public static final long[] DEFAULT_ROLE_IDS = {};
032    
033            public PermissionChecker clone();
034    
035            /**
036             * Returns the primary key of the user's company.
037             *
038             * @return the primary key of the user's company
039             */
040            public long getCompanyId();
041    
042            public List<Long> getOwnerResourceBlockIds(
043                    long companyId, long groupId, String name, String actionId);
044    
045            /**
046             * Returns the primary key of the owner role. This role is automatically
047             * given to the creator of a resource.
048             *
049             * @return the primary key of the owner role
050             */
051            public long getOwnerRoleId();
052    
053            public List<Long> getResourceBlockIds(
054                    long companyId, long groupId, long userId, String name,
055                    String actionId);
056    
057            /**
058             * Returns the primary keys of the roles the user has within the group.
059             *
060             * @param  userId the primary key of the user
061             * @param  groupId the primary key of the group
062             * @return the primary keys of the roles the user has within the group
063             */
064            public long[] getRoleIds(long userId, long groupId);
065    
066            public User getUser();
067    
068            public UserBag getUserBag() throws Exception;
069    
070            /**
071             * Returns the primary key of the user.
072             *
073             * @return the primary key of the user
074             */
075            public long getUserId();
076    
077            /**
078             * Returns <code>true</code> if the user is the owner of the resource and
079             * has permission to perform the action.
080             *
081             * @param  companyId the primary key of the user's company
082             * @param  name the resource's name, which can be either a class name or a
083             *         portlet ID
084             * @param  primKey the primary key of the resource
085             * @param  ownerId the primary key of the resource's owner
086             * @param  actionId the action ID
087             * @return <code>true</code> if the user is the owner of the resource and
088             *         has permission to perform the action; <code>false</code>
089             *         otherwise
090             */
091            public boolean hasOwnerPermission(
092                    long companyId, String name, long primKey, long ownerId,
093                    String actionId);
094    
095            /**
096             * Returns <code>true</code> if the user is the owner of the resource and
097             * has permission to perform the action.
098             *
099             * @param  companyId the primary key of the user's company
100             * @param  name the resource's name, which can be either a class name or a
101             *         portlet ID
102             * @param  primKey the primary key of the resource
103             * @param  ownerId the primary key of the resource's owner
104             * @param  actionId the action ID
105             * @return <code>true</code> if the user is the owner of the resource and
106             *         has permission to perform the action; <code>false</code>
107             *         otherwise
108             */
109            public boolean hasOwnerPermission(
110                    long companyId, String name, String primKey, long ownerId,
111                    String actionId);
112    
113            /**
114             * Returns <code>true</code> if the user has permission to perform the
115             * action on the resource.
116             *
117             * @param  groupId the primary key of the group containing the resource
118             * @param  name the resource's name, which can be either a class name or a
119             *         portlet ID
120             * @param  primKey the primary key of the resource
121             * @param  actionId the action ID
122             * @return <code>true</code> if the user has permission to perform the
123             *         action on the resource; <code>false</code> otherwise
124             */
125            public boolean hasPermission(
126                    long groupId, String name, long primKey, String actionId);
127    
128            /**
129             * Returns <code>true</code> if the user has permission to perform the
130             * action on the resource.
131             *
132             * @param  groupId the primary key of the group containing the resource
133             * @param  name the resource's name, which can be either a class name or a
134             *         portlet ID
135             * @param  primKey the primary key of the resource
136             * @param  actionId the action ID
137             * @return <code>true</code> if the user has permission to perform the
138             *         action on the resource; <code>false</code> otherwise
139             */
140            public boolean hasPermission(
141                    long groupId, String name, String primKey, String actionId);
142    
143            /**
144             * Returns <code>true</code> if the user has permission to perform the
145             * action on the resource without using guest permissions.
146             *
147             * @param  groupId the primary key of the group containing the resource
148             * @param  name the resource's name, which can be either a class name or a
149             *         portlet ID
150             * @param  primKey the primary key of the resource
151             * @param  actionId the action ID
152             * @param  checkAdmin whether to use permissions gained from administrator
153             *         roles
154             * @return <code>true</code> if the user has permission to perform the
155             *         action on the resource without using guest permissions;
156             *         <code>false</code> otherwise
157             */
158            public boolean hasUserPermission(
159                    long groupId, String name, String primKey, String actionId,
160                    boolean checkAdmin);
161    
162            /**
163             * Initializes this permission checker.
164             *
165             * @param user the current user
166             */
167            public void init(User user);
168    
169            /**
170             * Returns <code>true</code> if guest permissions will be used in permission
171             * checks.
172             *
173             * @return <code>true</code> if guest permissions will be used in permission
174             *         checks; <code>false</code> otherwise
175             */
176            public boolean isCheckGuest();
177    
178            /**
179             * @deprecated As of 6.1.0, renamed to {@link #isGroupAdmin(long)}
180             */
181            @Deprecated
182            public boolean isCommunityAdmin(long groupId);
183    
184            /**
185             * @deprecated As of 6.1.0, renamed to {@link #isGroupOwner(long)}
186             */
187            @Deprecated
188            public boolean isCommunityOwner(long groupId);
189    
190            /**
191             * Returns <code>true</code> if the user is an administrator of their
192             * company.
193             *
194             * @return <code>true</code> if the user is an administrator of their
195             *         company; <code>false</code> otherwise
196             */
197            public boolean isCompanyAdmin();
198    
199            /**
200             * Returns <code>true</code> if the user is an administrator of the company.
201             *
202             * @param  companyId the primary key of the company
203             * @return <code>true</code> if the user is an administrator of the company;
204             *         <code>false</code> otherwise
205             */
206            public boolean isCompanyAdmin(long companyId);
207    
208            /**
209             * Returns <code>true</code> if the user is a content reviewer or has
210             * sufficient permissions to review content (i.e. the user is a company or
211             * group administrator).
212             *
213             * @param  companyId the primary key of the company
214             * @param  groupId the primary key of the group
215             * @return <code>true</code> if the user is a reviewer or has sufficient
216             *         permissions to review content; <code>false</code> otherwise
217             */
218            public boolean isContentReviewer(long companyId, long groupId);
219    
220            /**
221             * Returns <code>true</code> if the user is an administrator of the group.
222             *
223             * @param  groupId the primary key of the group
224             * @return <code>true</code> if the user is an administrator of the group;
225             *         <code>false</code> otherwise
226             */
227            public boolean isGroupAdmin(long groupId);
228    
229            /**
230             * Returns <code>true</code> if the user is a member of the group.
231             *
232             * @param  groupId the primary key of the group
233             * @return <code>true</code> if the user is a member of the group;
234             *         <code>false</code> otherwise
235             */
236            public boolean isGroupMember(long groupId);
237    
238            /**
239             * Returns <code>true</code> if the user is the owner of the group.
240             *
241             * @param  groupId the primary key of the group
242             * @return <code>true</code> if the user is the owner of the group;
243             *         <code>false</code> otherwise
244             */
245            public boolean isGroupOwner(long groupId);
246    
247            /**
248             * Returns <code>true</code> if the user is a universal administrator.
249             *
250             * @return <code>true</code> if the user is a universal administrator;
251             *         <code>false</code> otherwise
252             * @see    com.liferay.portlet.admin.util.OmniadminUtil
253             */
254            public boolean isOmniadmin();
255    
256            /**
257             * Returns <code>true</code> if the user is an administrator of the
258             * organization.
259             *
260             * @param  organizationId the primary key of the organization
261             * @return <code>true</code> if the user is an administrator of the
262             *         organization; <code>false</code> otherwise
263             */
264            public boolean isOrganizationAdmin(long organizationId);
265    
266            /**
267             * Returns <code>true</code> if the user is an owner of the organization.
268             *
269             * @param  organizationId the primary key of the organization
270             * @return <code>true</code> if the user is an owner of the organization;
271             *         <code>false</code> otherwise
272             */
273            public boolean isOrganizationOwner(long organizationId);
274    
275            /**
276             * Returns <code>true</code> if the user is signed in.
277             *
278             * @return <code>true</code> if the user is signed in; <code>false</code>
279             *         otherwise
280             */
281            public boolean isSignedIn();
282    
283            /**
284             * @deprecated As of 6.2.0, does nothing
285             */
286            @Deprecated
287            public void resetValues();
288    
289            /**
290             * @deprecated As of 6.2.0, does nothing
291             */
292            @Deprecated
293            public void setValues(PortletRequest portletRequest);
294    
295    }