001
014
015 package com.liferay.portlet.journal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
019 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
020 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
021 import com.liferay.portal.security.auth.PrincipalException;
022 import com.liferay.portal.security.permission.ActionKeys;
023 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
024 import com.liferay.portal.security.permission.PermissionChecker;
025 import com.liferay.portal.security.permission.ResourcePermissionChecker;
026 import com.liferay.portal.util.PortletKeys;
027 import com.liferay.portal.util.PropsValues;
028 import com.liferay.portlet.journal.NoSuchFolderException;
029 import com.liferay.portlet.journal.model.JournalArticle;
030 import com.liferay.portlet.journal.model.JournalFolder;
031 import com.liferay.portlet.journal.model.JournalFolderConstants;
032 import com.liferay.portlet.journal.service.JournalArticleLocalServiceUtil;
033 import com.liferay.portlet.journal.service.JournalFolderLocalServiceUtil;
034
035
039 @OSGiBeanProperties(
040 property = {
041 "model.class.name=com.liferay.portlet.journal.model.JournalArticle"
042 }
043 )
044 public class JournalArticlePermission
045 implements BaseModelPermissionChecker, ResourcePermissionChecker {
046
047 public static void check(
048 PermissionChecker permissionChecker, JournalArticle article,
049 String actionId)
050 throws PortalException {
051
052 if (!contains(permissionChecker, article, actionId)) {
053 throw new PrincipalException();
054 }
055 }
056
057 public static void check(
058 PermissionChecker permissionChecker, long resourcePrimKey,
059 String actionId)
060 throws PortalException {
061
062 if (!contains(permissionChecker, resourcePrimKey, actionId)) {
063 throw new PrincipalException();
064 }
065 }
066
067 public static void check(
068 PermissionChecker permissionChecker, long groupId, String articleId,
069 double version, String actionId)
070 throws PortalException {
071
072 if (!contains(
073 permissionChecker, groupId, articleId, version, actionId)) {
074
075 throw new PrincipalException();
076 }
077 }
078
079 public static void check(
080 PermissionChecker permissionChecker, long groupId, String articleId,
081 int status, String actionId)
082 throws PortalException {
083
084 if (!contains(
085 permissionChecker, groupId, articleId, status, actionId)) {
086
087 throw new PrincipalException();
088 }
089 }
090
091 public static void check(
092 PermissionChecker permissionChecker, long groupId, String articleId,
093 String actionId)
094 throws PortalException {
095
096 if (!contains(permissionChecker, groupId, articleId, actionId)) {
097 throw new PrincipalException();
098 }
099 }
100
101 public static boolean contains(
102 PermissionChecker permissionChecker, JournalArticle article,
103 String actionId)
104 throws PortalException {
105
106 Boolean hasPermission = StagingPermissionUtil.hasPermission(
107 permissionChecker, article.getGroupId(),
108 JournalArticle.class.getName(), article.getResourcePrimKey(),
109 PortletKeys.JOURNAL, actionId);
110
111 if (hasPermission != null) {
112 return hasPermission.booleanValue();
113 }
114
115 if (article.isDraft() || article.isScheduled()) {
116 if (actionId.equals(ActionKeys.VIEW) &&
117 !contains(permissionChecker, article, ActionKeys.UPDATE)) {
118
119 return false;
120 }
121 }
122 else if (article.isPending()) {
123 hasPermission = WorkflowPermissionUtil.hasPermission(
124 permissionChecker, article.getGroupId(),
125 JournalArticle.class.getName(), article.getResourcePrimKey(),
126 actionId);
127
128 if (hasPermission != null) {
129 return hasPermission.booleanValue();
130 }
131 }
132
133 if (actionId.equals(ActionKeys.VIEW) &&
134 !PropsValues.JOURNAL_ARTICLE_VIEW_PERMISSION_CHECK_ENABLED) {
135
136 return true;
137 }
138
139 if (actionId.equals(ActionKeys.VIEW) &&
140 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
141
142 long folderId = article.getFolderId();
143
144 if (folderId == JournalFolderConstants.DEFAULT_PARENT_FOLDER_ID) {
145 if (!JournalPermission.contains(
146 permissionChecker, article.getGroupId(), actionId)) {
147
148 return false;
149 }
150 }
151 else {
152 try {
153 JournalFolder folder =
154 JournalFolderLocalServiceUtil.getFolder(folderId);
155
156 if (!JournalFolderPermission.contains(
157 permissionChecker, folder, ActionKeys.ACCESS) &&
158 !JournalFolderPermission.contains(
159 permissionChecker, folder, ActionKeys.VIEW)) {
160
161 return false;
162 }
163 }
164 catch (NoSuchFolderException nsfe) {
165 if (!article.isInTrash()) {
166 throw nsfe;
167 }
168 }
169 }
170 }
171
172 if (permissionChecker.hasOwnerPermission(
173 article.getCompanyId(), JournalArticle.class.getName(),
174 article.getResourcePrimKey(), article.getUserId(), actionId)) {
175
176 return true;
177 }
178
179 return permissionChecker.hasPermission(
180 article.getGroupId(), JournalArticle.class.getName(),
181 article.getResourcePrimKey(), actionId);
182 }
183
184 public static boolean contains(
185 PermissionChecker permissionChecker, long classPK, String actionId)
186 throws PortalException {
187
188 JournalArticle article =
189 JournalArticleLocalServiceUtil.fetchLatestArticle(classPK);
190
191 if (article == null) {
192 article = JournalArticleLocalServiceUtil.getArticle(classPK);
193 }
194
195 return contains(permissionChecker, article, actionId);
196 }
197
198 public static boolean contains(
199 PermissionChecker permissionChecker, long groupId, String articleId,
200 double version, String actionId)
201 throws PortalException {
202
203 JournalArticle article = JournalArticleLocalServiceUtil.getArticle(
204 groupId, articleId, version);
205
206 return contains(permissionChecker, article, actionId);
207 }
208
209 public static boolean contains(
210 PermissionChecker permissionChecker, long groupId, String articleId,
211 int status, String actionId)
212 throws PortalException {
213
214 JournalArticle article =
215 JournalArticleLocalServiceUtil.getLatestArticle(
216 groupId, articleId, status);
217
218 return contains(permissionChecker, article, actionId);
219 }
220
221 public static boolean contains(
222 PermissionChecker permissionChecker, long groupId, String articleId,
223 String actionId)
224 throws PortalException {
225
226 JournalArticle article = JournalArticleLocalServiceUtil.getArticle(
227 groupId, articleId);
228
229 return contains(permissionChecker, article, actionId);
230 }
231
232 @Override
233 public void checkBaseModel(
234 PermissionChecker permissionChecker, long groupId, long primaryKey,
235 String actionId)
236 throws PortalException {
237
238 check(permissionChecker, primaryKey, actionId);
239 }
240
241 @Override
242 public Boolean checkResource(
243 PermissionChecker permissionChecker, long classPK, String actionId)
244 throws PortalException {
245
246 return contains(permissionChecker, classPK, actionId);
247 }
248
249 }