001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.kernel.security.permission;
016    
017    /**
018     * Provides utility methods for filtering SQL queries by the user's permissions.
019     *
020     * @author Raymond Aug??
021     */
022    public interface InlineSQLHelper {
023    
024            /**
025             * Returns <code>true</code> if the inline SQL helper is enabled.
026             *
027             * @return <code>true</code> if the inline SQL helper is enabled;
028             *         <code>false</code> otherwise
029             */
030            public boolean isEnabled();
031    
032            /**
033             * Returns <code>true</code> if the inline SQL helper is enabled for the
034             * group.
035             *
036             * @param  groupId the primary key of the group
037             * @return <code>true</code> if the inline SQL helper is enabled for the
038             *         group; <code>false</code> otherwise
039             */
040            public boolean isEnabled(long groupId);
041    
042            /**
043             * Returns <code>true</code> if the inline SQL helper is enabled for the
044             * company or group.
045             *
046             * @param  companyId the primary key of the company
047             * @param  groupId the primary key of the group
048             * @return <code>true</code> if the inline SQL helper is enabled for the
049             *         company or group; <code>false</code> otherwise
050             */
051            public boolean isEnabled(long companyId, long groupId);
052    
053            /**
054             * Returns <code>true</code> if the inline SQL helper is enabled for the
055             * groups.
056             *
057             * @param  groupIds the primary keys of the groups
058             * @return <code>true</code> if the inline SQL helper is enabled for the
059             *         groups; <code>false</code> otherwise
060             */
061            public boolean isEnabled(long[] groupIds);
062    
063            /**
064             * Modifies the SQL query to only match resources that the user has
065             * permission to view.
066             *
067             * @param  sql the SQL query
068             * @param  className the fully qualified class name of the resources matched
069             *         by the query
070             * @param  classPKField the name of the column containing the resource's
071             *         primary key
072             * @return the modified SQL query
073             */
074            public String replacePermissionCheck(
075                    String sql, String className, String classPKField);
076    
077            /**
078             * Modifies the SQL query to only match resources that the user has
079             * permission to view.
080             *
081             * @param  sql the SQL query
082             * @param  className the fully qualified class name of the resources matched
083             *         by the query
084             * @param  classPKField the name of the column containing the resource's
085             *         primary key
086             * @param  groupId the primary key of the group containing the resources
087             *         (optionally <code>null</code>)
088             * @return the modified SQL query
089             */
090            public String replacePermissionCheck(
091                    String sql, String className, String classPKField, long groupId);
092    
093            /**
094             * Modifies the SQL query to only match resources that the user has
095             * permission to view.
096             *
097             * @param  sql the SQL query
098             * @param  className the fully qualified class name of the resources matched
099             *         by the query
100             * @param  classPKField the name of the column containing the resource's
101             *         primary key
102             * @param  groupId the primary key of the group containing the resources
103             *         (optionally <code>null</code>)
104             * @param  bridgeJoin an additional join clause to insert before the
105             *         permission join (optionally <code>null</code>)
106             * @return the modified SQL query
107             */
108            public String replacePermissionCheck(
109                    String sql, String className, String classPKField, long groupId,
110                    String bridgeJoin);
111    
112            /**
113             * Modifies the SQL query to only match resources that the user has
114             * permission to view.
115             *
116             * @param  sql the SQL query
117             * @param  className the fully qualified class name of the resources matched
118             *         by the query
119             * @param  classPKField the name of the column containing the resource's
120             *         primary key
121             * @param  groupIds the primary keys of the groups containing the resources
122             *         (optionally <code>null</code>)
123             * @return the modified SQL query
124             */
125            public String replacePermissionCheck(
126                    String sql, String className, String classPKField, long[] groupIds);
127    
128            /**
129             * Modifies the SQL query to only match resources that the user has
130             * permission to view.
131             *
132             * @param  sql the SQL query
133             * @param  className the fully qualified class name of the resources matched
134             *         by the query
135             * @param  classPKField the name of the column containing the resource's
136             *         primary key
137             * @param  groupIds the primary keys of the groups containing the resources
138             *         (optionally <code>null</code>)
139             * @param  bridgeJoin an additional join clause to insert before the
140             *         permission join (optionally <code>null</code>)
141             * @return the modified SQL query
142             */
143            public String replacePermissionCheck(
144                    String sql, String className, String classPKField, long[] groupIds,
145                    String bridgeJoin);
146    
147            /**
148             * Modifies the SQL query to only match resources that the user has
149             * permission to view.
150             *
151             * @param  sql the SQL query
152             * @param  className the fully qualified class name of the resources matched
153             *         by the query
154             * @param  classPKField the name of the column containing the resource's
155             *         primary key
156             * @param  userIdField the name of the column containing  the resource
157             *         owner's primary key (optionally <code>null</code>)
158             * @return the modified SQL query
159             */
160            public String replacePermissionCheck(
161                    String sql, String className, String classPKField, String userIdField);
162    
163            /**
164             * Modifies the SQL query to only match resources that the user has
165             * permission to view.
166             *
167             * @param  sql the SQL query
168             * @param  className the fully qualified class name of the resources matched
169             *         by the query
170             * @param  classPKField the name of the column containing the resource's
171             *         primary key
172             * @param  userIdField the name of the column containing  the resource
173             *         owner's primary key (optionally <code>null</code>)
174             * @param  groupId the primary key of the group containing the resources
175             *         (optionally <code>null</code>)
176             * @return the modified SQL query
177             */
178            public String replacePermissionCheck(
179                    String sql, String className, String classPKField, String userIdField,
180                    long groupId);
181    
182            /**
183             * Modifies the SQL query to only match resources that the user has
184             * permission to view.
185             *
186             * @param  sql the SQL query
187             * @param  className the fully qualified class name of the resources matched
188             *         by the query
189             * @param  classPKField the name of the column containing the resource's
190             *         primary key
191             * @param  userIdField the name of the column containing  the resource
192             *         owner's primary key (optionally <code>null</code>)
193             * @param  groupId the primary key of the group containing the resources
194             *         (optionally <code>null</code>)
195             * @param  bridgeJoin an additional join clause to insert before the
196             *         permission join (optionally <code>null</code>)
197             * @return the modified SQL query
198             */
199            public String replacePermissionCheck(
200                    String sql, String className, String classPKField, String userIdField,
201                    long groupId, String bridgeJoin);
202    
203            /**
204             * Modifies the SQL query to only match resources that the user has
205             * permission to view.
206             *
207             * @param  sql the SQL query
208             * @param  className the fully qualified class name of the resources matched
209             *         by the query
210             * @param  classPKField the name of the column containing the resource's
211             *         primary key
212             * @param  userIdField the name of the column containing  the resource
213             *         owner's primary key (optionally <code>null</code>)
214             * @param  groupIds the primary keys of the groups containing the resources
215             *         (optionally <code>null</code>)
216             * @return the modified SQL query
217             */
218            public String replacePermissionCheck(
219                    String sql, String className, String classPKField, String userIdField,
220                    long[] groupIds);
221    
222            /**
223             * Modifies the SQL query to only match resources that the user has
224             * permission to view.
225             *
226             * @param  sql the SQL query
227             * @param  className the fully qualified class name of the resources matched
228             *         by the query
229             * @param  classPKField the name of the column containing the resource's
230             *         primary key
231             * @param  userIdField the name of the column containing  the resource
232             *         owner's primary key (optionally <code>null</code>)
233             * @param  groupIds the primary keys of the groups containing the resources
234             *         (optionally <code>null</code>)
235             * @param  bridgeJoin an additional join clause to insert before the
236             *         permission join (optionally <code>null</code>)
237             * @return the modified SQL query
238             */
239            public String replacePermissionCheck(
240                    String sql, String className, String classPKField, String userIdField,
241                    long[] groupIds, String bridgeJoin);
242    
243            /**
244             * Modifies the SQL query to only match resources that the user has
245             * permission to view.
246             *
247             * @param  sql the SQL query
248             * @param  className the fully qualified class name of the resources matched
249             *         by the query
250             * @param  classPKField the name of the column containing the resource's
251             *         primary key
252             * @param  userIdField the name of the column containing  the resource
253             *         owner's primary key (optionally <code>null</code>)
254             * @param  bridgeJoin an additional join clause to insert before the
255             *         permission join (optionally <code>null</code>)
256             * @return the modified SQL query
257             */
258            public String replacePermissionCheck(
259                    String sql, String className, String classPKField, String userIdField,
260                    String bridgeJoin);
261    
262            /**
263             * Modifies the SQL query to only match resources that the user has
264             * permission to view.
265             *
266             * @param  sql the SQL query
267             * @param  className the fully qualified class name of the resources matched
268             *         by the query
269             * @param  classPKField the name of the column containing the resource's
270             *         primary key
271             * @param  userIdField the name of the column containing  the resource
272             *         owner's primary key (optionally <code>null</code>)
273             * @param  groupIdField the name of the column containing the resource's
274             *         group ID (optionally <code>null</code>)
275             * @param  groupIds the primary keys of the groups containing the resources
276             *         (optionally <code>null</code>)
277             * @param  bridgeJoin an additional join clause to insert before the
278             *         permission join (optionally <code>null</code>)
279             * @return the modified SQL query
280             */
281            public String replacePermissionCheck(
282                    String sql, String className, String classPKField, String userIdField,
283                    String groupIdField, long[] groupIds, String bridgeJoin);
284    
285    }