001
014
015 package com.liferay.portal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020 import com.liferay.portal.kernel.model.Account;
021 import com.liferay.portal.kernel.model.Contact;
022 import com.liferay.portal.kernel.model.Organization;
023 import com.liferay.portal.kernel.model.RoleConstants;
024 import com.liferay.portal.kernel.model.User;
025 import com.liferay.portal.kernel.security.auth.PrincipalException;
026 import com.liferay.portal.kernel.security.permission.PermissionChecker;
027 import com.liferay.portal.kernel.service.AccountLocalServiceUtil;
028 import com.liferay.portal.kernel.service.RoleLocalServiceUtil;
029 import com.liferay.portal.kernel.service.UserLocalServiceUtil;
030 import com.liferay.portal.kernel.service.permission.CommonPermission;
031 import com.liferay.portal.kernel.service.permission.OrganizationPermissionUtil;
032 import com.liferay.portal.kernel.service.permission.UserPermissionUtil;
033 import com.liferay.portal.kernel.util.PortalUtil;
034
035
038 public class CommonPermissionImpl implements CommonPermission {
039
040 @Override
041 public void check(
042 PermissionChecker permissionChecker, long classNameId, long classPK,
043 String actionId)
044 throws PortalException {
045
046 String className = PortalUtil.getClassName(classNameId);
047
048 check(permissionChecker, className, classPK, actionId);
049 }
050
051 @Override
052 public void check(
053 PermissionChecker permissionChecker, String className, long classPK,
054 String actionId)
055 throws PortalException {
056
057 if (className.equals(Account.class.getName())) {
058 long companyId = permissionChecker.getCompanyId();
059
060 if (classPK > 0) {
061 Account account = AccountLocalServiceUtil.getAccount(classPK);
062
063 companyId = account.getCompanyId();
064 }
065
066 if (!RoleLocalServiceUtil.hasUserRole(
067 permissionChecker.getUserId(), companyId,
068 RoleConstants.ADMINISTRATOR, true)) {
069
070 throw new PrincipalException.MustBeCompanyAdmin(
071 permissionChecker);
072 }
073 }
074 else if (className.equals(Contact.class.getName())) {
075 User user = UserLocalServiceUtil.getUserByContactId(classPK);
076
077 UserPermissionUtil.check(
078 permissionChecker, user.getUserId(), actionId);
079 }
080 else if (className.equals(Organization.class.getName())) {
081 OrganizationPermissionUtil.check(
082 permissionChecker, classPK, actionId);
083 }
084 else if (className.equals(User.class.getName())) {
085 UserPermissionUtil.check(permissionChecker, classPK, actionId);
086 }
087 else {
088 if (_log.isWarnEnabled()) {
089 _log.warn("Invalid class name " + className);
090 }
091
092 throw new PrincipalException.MustHavePermission(
093 permissionChecker, className, classPK, actionId);
094 }
095 }
096
097 private static final Log _log = LogFactoryUtil.getLog(
098 CommonPermissionImpl.class);
099
100 }