001
014
015 package com.liferay.portlet.messageboards.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
019 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
020 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
021 import com.liferay.portal.security.auth.PrincipalException;
022 import com.liferay.portal.security.permission.ActionKeys;
023 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
024 import com.liferay.portal.security.permission.PermissionChecker;
025 import com.liferay.portal.security.permission.ResourcePermissionChecker;
026 import com.liferay.portal.util.PortletKeys;
027 import com.liferay.portal.util.PropsValues;
028 import com.liferay.portlet.messageboards.NoSuchCategoryException;
029 import com.liferay.portlet.messageboards.model.MBCategory;
030 import com.liferay.portlet.messageboards.model.MBCategoryConstants;
031 import com.liferay.portlet.messageboards.model.MBMessage;
032 import com.liferay.portlet.messageboards.model.MBThread;
033 import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
034 import com.liferay.portlet.messageboards.service.MBCategoryLocalServiceUtil;
035 import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
036 import com.liferay.portlet.messageboards.service.MBThreadLocalServiceUtil;
037
038
041 @OSGiBeanProperties(
042 property = {
043 "model.class.name=com.liferay.portlet.messageboards.model.MBMessage"
044 }
045 )
046 public class MBMessagePermission
047 implements BaseModelPermissionChecker, ResourcePermissionChecker {
048
049 public static void check(
050 PermissionChecker permissionChecker, long messageId,
051 String actionId)
052 throws PortalException {
053
054 if (!contains(permissionChecker, messageId, actionId)) {
055 throw new PrincipalException();
056 }
057 }
058
059 public static void check(
060 PermissionChecker permissionChecker, MBMessage message,
061 String actionId)
062 throws PortalException {
063
064 if (!contains(permissionChecker, message, actionId)) {
065 throw new PrincipalException();
066 }
067 }
068
069 public static boolean contains(
070 PermissionChecker permissionChecker, long classPK, String actionId)
071 throws PortalException {
072
073 MBThread mbThread = MBThreadLocalServiceUtil.fetchThread(classPK);
074
075 MBMessage message = null;
076
077 if (mbThread == null) {
078 message = MBMessageLocalServiceUtil.getMessage(classPK);
079 }
080 else {
081 message = MBMessageLocalServiceUtil.getMessage(
082 mbThread.getRootMessageId());
083 }
084
085 return contains(permissionChecker, message, actionId);
086 }
087
088 public static boolean contains(
089 PermissionChecker permissionChecker, MBMessage message,
090 String actionId)
091 throws PortalException {
092
093 if (MBBanLocalServiceUtil.hasBan(
094 message.getGroupId(), permissionChecker.getUserId())) {
095
096 return false;
097 }
098
099 Boolean hasPermission = StagingPermissionUtil.hasPermission(
100 permissionChecker, message.getGroupId(), MBMessage.class.getName(),
101 message.getMessageId(), PortletKeys.MESSAGE_BOARDS, actionId);
102
103 if (hasPermission != null) {
104 return hasPermission.booleanValue();
105 }
106
107 if (message.isDraft() || message.isScheduled()) {
108 if (actionId.equals(ActionKeys.VIEW) &&
109 !contains(permissionChecker, message, ActionKeys.UPDATE)) {
110
111 return false;
112 }
113 }
114 else if (message.isPending()) {
115 hasPermission = WorkflowPermissionUtil.hasPermission(
116 permissionChecker, message.getGroupId(),
117 message.getWorkflowClassName(), message.getMessageId(),
118 actionId);
119
120 if (hasPermission != null) {
121 return hasPermission.booleanValue();
122 }
123 }
124
125 if (actionId.equals(ActionKeys.VIEW) &&
126 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
127
128 long categoryId = message.getCategoryId();
129
130 if ((categoryId ==
131 MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) ||
132 (categoryId == MBCategoryConstants.DISCUSSION_CATEGORY_ID)) {
133
134 if (!MBPermission.contains(
135 permissionChecker, message.getGroupId(), actionId)) {
136
137 return false;
138 }
139 }
140 else {
141 try {
142 MBCategory category =
143 MBCategoryLocalServiceUtil.getCategory(categoryId);
144
145 if (!MBCategoryPermission.contains(
146 permissionChecker, category, actionId)) {
147
148 return false;
149 }
150 }
151 catch (NoSuchCategoryException nsce) {
152 if (!message.isInTrash()) {
153 throw nsce;
154 }
155 }
156 }
157 }
158
159 if (permissionChecker.hasOwnerPermission(
160 message.getCompanyId(), MBMessage.class.getName(),
161 message.getRootMessageId(), message.getUserId(), actionId)) {
162
163 return true;
164 }
165
166 return permissionChecker.hasPermission(
167 message.getGroupId(), MBMessage.class.getName(),
168 message.getMessageId(), actionId);
169 }
170
171 @Override
172 public void checkBaseModel(
173 PermissionChecker permissionChecker, long groupId, long primaryKey,
174 String actionId)
175 throws PortalException {
176
177 check(permissionChecker, primaryKey, actionId);
178 }
179
180 @Override
181 public Boolean checkResource(
182 PermissionChecker permissionChecker, long classPK, String actionId)
183 throws PortalException {
184
185 return contains(permissionChecker, classPK, actionId);
186 }
187
188 }