001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.kernel.security.permission;
016    
017    import aQute.bnd.annotation.ProviderType;
018    
019    import com.liferay.portal.model.User;
020    
021    import java.util.List;
022    
023    import javax.portlet.PortletRequest;
024    
025    /**
026     * @author Brian Wing Shun Chan
027     */
028    @ProviderType
029    public interface PermissionChecker extends Cloneable {
030    
031            public static final long[] DEFAULT_ROLE_IDS = {};
032    
033            public PermissionChecker clone();
034    
035            /**
036             * Returns the primary key of the user's company.
037             *
038             * @return the primary key of the user's company
039             */
040            public long getCompanyId();
041    
042            public List<Long> getOwnerResourceBlockIds(
043                    long companyId, long groupId, String name, String actionId);
044    
045            /**
046             * Returns the primary key of the owner role. This role is automatically
047             * given to the creator of a resource.
048             *
049             * @return the primary key of the owner role
050             */
051            public long getOwnerRoleId();
052    
053            public List<Long> getResourceBlockIds(
054                    long companyId, long groupId, long userId, String name,
055                    String actionId);
056    
057            /**
058             * Returns the primary keys of the roles the user has within the group.
059             *
060             * @param  userId the primary key of the user
061             * @param  groupId the primary key of the group
062             * @return the primary keys of the roles the user has within the group
063             */
064            public long[] getRoleIds(long userId, long groupId);
065    
066            public User getUser();
067    
068            public UserBag getUserBag() throws Exception;
069    
070            /**
071             * Returns the primary key of the user.
072             *
073             * @return the primary key of the user
074             */
075            public long getUserId();
076    
077            /**
078             * Returns <code>true</code> if the user is the owner of the resource and
079             * has permission to perform the action.
080             *
081             * @param  companyId the primary key of the user's company
082             * @param  name the resource's name, which can be either a class name or a
083             *         portlet ID
084             * @param  primKey the primary key of the resource
085             * @param  ownerId the primary key of the resource's owner
086             * @param  actionId the action ID
087             * @return <code>true</code> if the user is the owner of the resource and
088             *         has permission to perform the action; <code>false</code>
089             *         otherwise
090             */
091            public boolean hasOwnerPermission(
092                    long companyId, String name, long primKey, long ownerId,
093                    String actionId);
094    
095            /**
096             * Returns <code>true</code> if the user is the owner of the resource and
097             * has permission to perform the action.
098             *
099             * @param  companyId the primary key of the user's company
100             * @param  name the resource's name, which can be either a class name or a
101             *         portlet ID
102             * @param  primKey the primary key of the resource
103             * @param  ownerId the primary key of the resource's owner
104             * @param  actionId the action ID
105             * @return <code>true</code> if the user is the owner of the resource and
106             *         has permission to perform the action; <code>false</code>
107             *         otherwise
108             */
109            public boolean hasOwnerPermission(
110                    long companyId, String name, String primKey, long ownerId,
111                    String actionId);
112    
113            /**
114             * Returns <code>true</code> if the user has permission to perform the
115             * action on the resource.
116             *
117             * @param  groupId the primary key of the group containing the resource
118             * @param  name the resource's name, which can be either a class name or a
119             *         portlet ID
120             * @param  primKey the primary key of the resource
121             * @param  actionId the action ID
122             * @return <code>true</code> if the user has permission to perform the
123             *         action on the resource; <code>false</code> otherwise
124             */
125            public boolean hasPermission(
126                    long groupId, String name, long primKey, String actionId);
127    
128            /**
129             * Returns <code>true</code> if the user has permission to perform the
130             * action on the resource.
131             *
132             * @param  groupId the primary key of the group containing the resource
133             * @param  name the resource's name, which can be either a class name or a
134             *         portlet ID
135             * @param  primKey the primary key of the resource
136             * @param  actionId the action ID
137             * @return <code>true</code> if the user has permission to perform the
138             *         action on the resource; <code>false</code> otherwise
139             */
140            public boolean hasPermission(
141                    long groupId, String name, String primKey, String actionId);
142    
143            /**
144             * Initializes this permission checker.
145             *
146             * @param user the current user
147             */
148            public void init(User user);
149    
150            /**
151             * Returns <code>true</code> if guest permissions will be used in permission
152             * checks.
153             *
154             * @return <code>true</code> if guest permissions will be used in permission
155             *         checks; <code>false</code> otherwise
156             */
157            public boolean isCheckGuest();
158    
159            /**
160             * @deprecated As of 6.1.0, renamed to {@link #isGroupAdmin(long)}
161             */
162            @Deprecated
163            public boolean isCommunityAdmin(long groupId);
164    
165            /**
166             * @deprecated As of 6.1.0, renamed to {@link #isGroupOwner(long)}
167             */
168            @Deprecated
169            public boolean isCommunityOwner(long groupId);
170    
171            /**
172             * Returns <code>true</code> if the user is an administrator of their
173             * company.
174             *
175             * @return <code>true</code> if the user is an administrator of their
176             *         company; <code>false</code> otherwise
177             */
178            public boolean isCompanyAdmin();
179    
180            /**
181             * Returns <code>true</code> if the user is an administrator of the company.
182             *
183             * @param  companyId the primary key of the company
184             * @return <code>true</code> if the user is an administrator of the company;
185             *         <code>false</code> otherwise
186             */
187            public boolean isCompanyAdmin(long companyId);
188    
189            /**
190             * Returns <code>true</code> if the user is a content reviewer or has
191             * sufficient permissions to review content (i.e. the user is a company or
192             * group administrator).
193             *
194             * @param  companyId the primary key of the company
195             * @param  groupId the primary key of the group
196             * @return <code>true</code> if the user is a reviewer or has sufficient
197             *         permissions to review content; <code>false</code> otherwise
198             */
199            public boolean isContentReviewer(long companyId, long groupId);
200    
201            /**
202             * Returns <code>true</code> if the user is an administrator of the group.
203             *
204             * @param  groupId the primary key of the group
205             * @return <code>true</code> if the user is an administrator of the group;
206             *         <code>false</code> otherwise
207             */
208            public boolean isGroupAdmin(long groupId);
209    
210            /**
211             * Returns <code>true</code> if the user is a member of the group.
212             *
213             * @param  groupId the primary key of the group
214             * @return <code>true</code> if the user is a member of the group;
215             *         <code>false</code> otherwise
216             */
217            public boolean isGroupMember(long groupId);
218    
219            /**
220             * Returns <code>true</code> if the user is the owner of the group.
221             *
222             * @param  groupId the primary key of the group
223             * @return <code>true</code> if the user is the owner of the group;
224             *         <code>false</code> otherwise
225             */
226            public boolean isGroupOwner(long groupId);
227    
228            /**
229             * Returns <code>true</code> if the user is a universal administrator.
230             *
231             * @return <code>true</code> if the user is a universal administrator;
232             *         <code>false</code> otherwise
233             * @see    com.liferay.portlet.admin.util.OmniadminUtil
234             */
235            public boolean isOmniadmin();
236    
237            /**
238             * Returns <code>true</code> if the user is an administrator of the
239             * organization.
240             *
241             * @param  organizationId the primary key of the organization
242             * @return <code>true</code> if the user is an administrator of the
243             *         organization; <code>false</code> otherwise
244             */
245            public boolean isOrganizationAdmin(long organizationId);
246    
247            /**
248             * Returns <code>true</code> if the user is an owner of the organization.
249             *
250             * @param  organizationId the primary key of the organization
251             * @return <code>true</code> if the user is an owner of the organization;
252             *         <code>false</code> otherwise
253             */
254            public boolean isOrganizationOwner(long organizationId);
255    
256            /**
257             * Returns <code>true</code> if the user is signed in.
258             *
259             * @return <code>true</code> if the user is signed in; <code>false</code>
260             *         otherwise
261             */
262            public boolean isSignedIn();
263    
264            /**
265             * @deprecated As of 6.2.0, does nothing
266             */
267            @Deprecated
268            public void resetValues();
269    
270            /**
271             * @deprecated As of 6.2.0, does nothing
272             */
273            @Deprecated
274            public void setValues(PortletRequest portletRequest);
275    
276    }