001 /** 002 * Copyright (c) 2000-present Liferay, Inc. All rights reserved. 003 * 004 * This library is free software; you can redistribute it and/or modify it under 005 * the terms of the GNU Lesser General Public License as published by the Free 006 * Software Foundation; either version 2.1 of the License, or (at your option) 007 * any later version. 008 * 009 * This library is distributed in the hope that it will be useful, but WITHOUT 010 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 011 * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more 012 * details. 013 */ 014 015 package com.liferay.portal.kernel.security.permission; 016 017 /** 018 * Provides utility methods for filtering SQL queries by the user's permissions. 019 * 020 * @author Raymond Augé 021 */ 022 public interface InlineSQLHelper { 023 024 /** 025 * Returns <code>true</code> if the inline SQL helper is enabled. 026 * 027 * @return <code>true</code> if the inline SQL helper is enabled; 028 * <code>false</code> otherwise 029 */ 030 public boolean isEnabled(); 031 032 /** 033 * Returns <code>true</code> if the inline SQL helper is enabled for the 034 * group. 035 * 036 * @param groupId the primary key of the group 037 * @return <code>true</code> if the inline SQL helper is enabled for the 038 * group; <code>false</code> otherwise 039 */ 040 public boolean isEnabled(long groupId); 041 042 /** 043 * Returns <code>true</code> if the inline SQL helper is enabled for the 044 * company or group. 045 * 046 * @param companyId the primary key of the company 047 * @param groupId the primary key of the group 048 * @return <code>true</code> if the inline SQL helper is enabled for the 049 * company or group; <code>false</code> otherwise 050 */ 051 public boolean isEnabled(long companyId, long groupId); 052 053 /** 054 * Returns <code>true</code> if the inline SQL helper is enabled for the 055 * groups. 056 * 057 * @param groupIds the primary keys of the groups 058 * @return <code>true</code> if the inline SQL helper is enabled for the 059 * groups; <code>false</code> otherwise 060 */ 061 public boolean isEnabled(long[] groupIds); 062 063 /** 064 * Modifies the SQL query to only match resources that the user has 065 * permission to view. 066 * 067 * @param sql the SQL query 068 * @param className the fully qualified class name of the resources matched 069 * by the query 070 * @param classPKField the name of the column containing the resource's 071 * primary key 072 * @return the modified SQL query 073 */ 074 public String replacePermissionCheck( 075 String sql, String className, String classPKField); 076 077 /** 078 * Modifies the SQL query to only match resources that the user has 079 * permission to view. 080 * 081 * @param sql the SQL query 082 * @param className the fully qualified class name of the resources matched 083 * by the query 084 * @param classPKField the name of the column containing the resource's 085 * primary key 086 * @param groupId the primary key of the group containing the resources 087 * (optionally <code>null</code>) 088 * @return the modified SQL query 089 */ 090 public String replacePermissionCheck( 091 String sql, String className, String classPKField, long groupId); 092 093 /** 094 * Modifies the SQL query to only match resources that the user has 095 * permission to view. 096 * 097 * @param sql the SQL query 098 * @param className the fully qualified class name of the resources matched 099 * by the query 100 * @param classPKField the name of the column containing the resource's 101 * primary key 102 * @param groupId the primary key of the group containing the resources 103 * (optionally <code>null</code>) 104 * @param bridgeJoin an additional join clause to insert before the 105 * permission join (optionally <code>null</code>) 106 * @return the modified SQL query 107 */ 108 public String replacePermissionCheck( 109 String sql, String className, String classPKField, long groupId, 110 String bridgeJoin); 111 112 /** 113 * Modifies the SQL query to only match resources that the user has 114 * permission to view. 115 * 116 * @param sql the SQL query 117 * @param className the fully qualified class name of the resources matched 118 * by the query 119 * @param classPKField the name of the column containing the resource's 120 * primary key 121 * @param groupIds the primary keys of the groups containing the resources 122 * (optionally <code>null</code>) 123 * @return the modified SQL query 124 */ 125 public String replacePermissionCheck( 126 String sql, String className, String classPKField, long[] groupIds); 127 128 /** 129 * Modifies the SQL query to only match resources that the user has 130 * permission to view. 131 * 132 * @param sql the SQL query 133 * @param className the fully qualified class name of the resources matched 134 * by the query 135 * @param classPKField the name of the column containing the resource's 136 * primary key 137 * @param groupIds the primary keys of the groups containing the resources 138 * (optionally <code>null</code>) 139 * @param bridgeJoin an additional join clause to insert before the 140 * permission join (optionally <code>null</code>) 141 * @return the modified SQL query 142 */ 143 public String replacePermissionCheck( 144 String sql, String className, String classPKField, long[] groupIds, 145 String bridgeJoin); 146 147 /** 148 * Modifies the SQL query to only match resources that the user has 149 * permission to view. 150 * 151 * @param sql the SQL query 152 * @param className the fully qualified class name of the resources matched 153 * by the query 154 * @param classPKField the name of the column containing the resource's 155 * primary key 156 * @param userIdField the name of the column containing the resource 157 * owner's primary key (optionally <code>null</code>) 158 * @return the modified SQL query 159 */ 160 public String replacePermissionCheck( 161 String sql, String className, String classPKField, String userIdField); 162 163 /** 164 * Modifies the SQL query to only match resources that the user has 165 * permission to view. 166 * 167 * @param sql the SQL query 168 * @param className the fully qualified class name of the resources matched 169 * by the query 170 * @param classPKField the name of the column containing the resource's 171 * primary key 172 * @param userIdField the name of the column containing the resource 173 * owner's primary key (optionally <code>null</code>) 174 * @param groupId the primary key of the group containing the resources 175 * (optionally <code>null</code>) 176 * @return the modified SQL query 177 */ 178 public String replacePermissionCheck( 179 String sql, String className, String classPKField, String userIdField, 180 long groupId); 181 182 /** 183 * Modifies the SQL query to only match resources that the user has 184 * permission to view. 185 * 186 * @param sql the SQL query 187 * @param className the fully qualified class name of the resources matched 188 * by the query 189 * @param classPKField the name of the column containing the resource's 190 * primary key 191 * @param userIdField the name of the column containing the resource 192 * owner's primary key (optionally <code>null</code>) 193 * @param groupId the primary key of the group containing the resources 194 * (optionally <code>null</code>) 195 * @param bridgeJoin an additional join clause to insert before the 196 * permission join (optionally <code>null</code>) 197 * @return the modified SQL query 198 */ 199 public String replacePermissionCheck( 200 String sql, String className, String classPKField, String userIdField, 201 long groupId, String bridgeJoin); 202 203 /** 204 * Modifies the SQL query to only match resources that the user has 205 * permission to view. 206 * 207 * @param sql the SQL query 208 * @param className the fully qualified class name of the resources matched 209 * by the query 210 * @param classPKField the name of the column containing the resource's 211 * primary key 212 * @param userIdField the name of the column containing the resource 213 * owner's primary key (optionally <code>null</code>) 214 * @param groupIds the primary keys of the groups containing the resources 215 * (optionally <code>null</code>) 216 * @return the modified SQL query 217 */ 218 public String replacePermissionCheck( 219 String sql, String className, String classPKField, String userIdField, 220 long[] groupIds); 221 222 /** 223 * Modifies the SQL query to only match resources that the user has 224 * permission to view. 225 * 226 * @param sql the SQL query 227 * @param className the fully qualified class name of the resources matched 228 * by the query 229 * @param classPKField the name of the column containing the resource's 230 * primary key 231 * @param userIdField the name of the column containing the resource 232 * owner's primary key (optionally <code>null</code>) 233 * @param groupIds the primary keys of the groups containing the resources 234 * (optionally <code>null</code>) 235 * @param bridgeJoin an additional join clause to insert before the 236 * permission join (optionally <code>null</code>) 237 * @return the modified SQL query 238 */ 239 public String replacePermissionCheck( 240 String sql, String className, String classPKField, String userIdField, 241 long[] groupIds, String bridgeJoin); 242 243 /** 244 * Modifies the SQL query to only match resources that the user has 245 * permission to view. 246 * 247 * @param sql the SQL query 248 * @param className the fully qualified class name of the resources matched 249 * by the query 250 * @param classPKField the name of the column containing the resource's 251 * primary key 252 * @param userIdField the name of the column containing the resource 253 * owner's primary key (optionally <code>null</code>) 254 * @param bridgeJoin an additional join clause to insert before the 255 * permission join (optionally <code>null</code>) 256 * @return the modified SQL query 257 */ 258 public String replacePermissionCheck( 259 String sql, String className, String classPKField, String userIdField, 260 String bridgeJoin); 261 262 /** 263 * Modifies the SQL query to only match resources that the user has 264 * permission to view. 265 * 266 * @param sql the SQL query 267 * @param className the fully qualified class name of the resources matched 268 * by the query 269 * @param classPKField the name of the column containing the resource's 270 * primary key 271 * @param userIdField the name of the column containing the resource 272 * owner's primary key (optionally <code>null</code>) 273 * @param groupIdField the name of the column containing the resource's 274 * group ID (optionally <code>null</code>) 275 * @param groupIds the primary keys of the groups containing the resources 276 * (optionally <code>null</code>) 277 * @param bridgeJoin an additional join clause to insert before the 278 * permission join (optionally <code>null</code>) 279 * @return the modified SQL query 280 */ 281 public String replacePermissionCheck( 282 String sql, String className, String classPKField, String userIdField, 283 String groupIdField, long[] groupIds, String bridgeJoin); 284 285 }