001
014
015 package com.liferay.portal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.model.Organization;
019 import com.liferay.portal.kernel.model.OrganizationConstants;
020 import com.liferay.portal.kernel.security.auth.PrincipalException;
021 import com.liferay.portal.kernel.security.permission.ActionKeys;
022 import com.liferay.portal.kernel.security.permission.PermissionChecker;
023 import com.liferay.portal.kernel.service.OrganizationLocalServiceUtil;
024 import com.liferay.portal.kernel.service.permission.OrganizationPermission;
025 import com.liferay.portal.kernel.service.permission.PortalPermissionUtil;
026 import com.liferay.portal.kernel.util.ArrayUtil;
027
028
033 public class OrganizationPermissionImpl implements OrganizationPermission {
034
035 @Override
036 public void check(
037 PermissionChecker permissionChecker, long organizationId,
038 String actionId)
039 throws PortalException {
040
041 if (!contains(permissionChecker, organizationId, actionId)) {
042 throw new PrincipalException.MustHavePermission(
043 permissionChecker, Organization.class.getName(), organizationId,
044 actionId);
045 }
046 }
047
048 @Override
049 public void check(
050 PermissionChecker permissionChecker, Organization organization,
051 String actionId)
052 throws PortalException {
053
054 if (!contains(permissionChecker, organization, actionId)) {
055 throw new PrincipalException.MustHavePermission(
056 permissionChecker, Organization.class.getName(),
057 organization.getOrganizationId(), actionId);
058 }
059 }
060
061 @Override
062 public boolean contains(
063 PermissionChecker permissionChecker, long organizationId,
064 String actionId)
065 throws PortalException {
066
067 if (organizationId > 0) {
068 Organization organization =
069 OrganizationLocalServiceUtil.getOrganization(organizationId);
070
071 return contains(permissionChecker, organization, actionId);
072 }
073 else {
074 return false;
075 }
076 }
077
078 @Override
079 public boolean contains(
080 PermissionChecker permissionChecker, long[] organizationIds,
081 String actionId)
082 throws PortalException {
083
084 if (ArrayUtil.isEmpty(organizationIds)) {
085 return true;
086 }
087
088 for (long organizationId : organizationIds) {
089 if (!contains(permissionChecker, organizationId, actionId)) {
090 return false;
091 }
092 }
093
094 return true;
095 }
096
097 @Override
098 public boolean contains(
099 PermissionChecker permissionChecker, Organization organization,
100 String actionId)
101 throws PortalException {
102
103 long groupId = organization.getGroupId();
104
105 if (contains(permissionChecker, groupId, organization, actionId)) {
106 return true;
107 }
108
109 while (!organization.isRoot()) {
110 Organization parentOrganization =
111 organization.getParentOrganization();
112
113 groupId = parentOrganization.getGroupId();
114
115 if (contains(
116 permissionChecker, groupId, parentOrganization,
117 ActionKeys.MANAGE_SUBORGANIZATIONS)) {
118
119 return true;
120 }
121
122 organization = parentOrganization;
123 }
124
125 return false;
126 }
127
128 protected boolean contains(
129 PermissionChecker permissionChecker, long groupId,
130 Organization organization, String actionId)
131 throws PortalException {
132
133 while ((organization != null) &&
134 (organization.getOrganizationId() !=
135 OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID)) {
136
137 if (actionId.equals(ActionKeys.ADD_ORGANIZATION) &&
138 (permissionChecker.hasPermission(
139 groupId, Organization.class.getName(),
140 organization.getOrganizationId(),
141 ActionKeys.MANAGE_SUBORGANIZATIONS) ||
142 PortalPermissionUtil.contains(
143 permissionChecker, ActionKeys.ADD_ORGANIZATION))) {
144
145 return true;
146 }
147 else if (permissionChecker.hasPermission(
148 groupId, Organization.class.getName(),
149 organization.getOrganizationId(), actionId)) {
150
151 return true;
152 }
153
154 organization = organization.getParentOrganization();
155 }
156
157 return false;
158 }
159
160 }