001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.messageboards.service.permission;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
019    import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
020    import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
021    import com.liferay.portal.security.auth.PrincipalException;
022    import com.liferay.portal.security.permission.ActionKeys;
023    import com.liferay.portal.security.permission.BaseModelPermissionChecker;
024    import com.liferay.portal.security.permission.PermissionChecker;
025    import com.liferay.portal.security.permission.ResourcePermissionChecker;
026    import com.liferay.portal.util.PortletKeys;
027    import com.liferay.portal.util.PropsValues;
028    import com.liferay.portlet.messageboards.NoSuchCategoryException;
029    import com.liferay.portlet.messageboards.model.MBCategory;
030    import com.liferay.portlet.messageboards.model.MBCategoryConstants;
031    import com.liferay.portlet.messageboards.model.MBMessage;
032    import com.liferay.portlet.messageboards.model.MBThread;
033    import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
034    import com.liferay.portlet.messageboards.service.MBCategoryLocalServiceUtil;
035    import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
036    import com.liferay.portlet.messageboards.service.MBThreadLocalServiceUtil;
037    
038    /**
039     * @author Brian Wing Shun Chan
040     */
041    @OSGiBeanProperties(
042            property = {
043                    "model.class.name=com.liferay.portlet.messageboards.model.MBMessage"
044            }
045    )
046    public class MBMessagePermission
047            implements BaseModelPermissionChecker, ResourcePermissionChecker {
048    
049            public static void check(
050                            PermissionChecker permissionChecker, long messageId,
051                            String actionId)
052                    throws PortalException {
053    
054                    if (!contains(permissionChecker, messageId, actionId)) {
055                            throw new PrincipalException();
056                    }
057            }
058    
059            public static void check(
060                            PermissionChecker permissionChecker, MBMessage message,
061                            String actionId)
062                    throws PortalException {
063    
064                    if (!contains(permissionChecker, message, actionId)) {
065                            throw new PrincipalException();
066                    }
067            }
068    
069            public static boolean contains(
070                            PermissionChecker permissionChecker, long classPK, String actionId)
071                    throws PortalException {
072    
073                    MBThread mbThread = MBThreadLocalServiceUtil.fetchThread(classPK);
074    
075                    MBMessage message = null;
076    
077                    if (mbThread == null) {
078                            message = MBMessageLocalServiceUtil.getMessage(classPK);
079                    }
080                    else {
081                            message = MBMessageLocalServiceUtil.getMessage(
082                                    mbThread.getRootMessageId());
083                    }
084    
085                    return contains(permissionChecker, message, actionId);
086            }
087    
088            public static boolean contains(
089                            PermissionChecker permissionChecker, MBMessage message,
090                            String actionId)
091                    throws PortalException {
092    
093                    if (MBBanLocalServiceUtil.hasBan(
094                                    message.getGroupId(), permissionChecker.getUserId())) {
095    
096                            return false;
097                    }
098    
099                    Boolean hasPermission = StagingPermissionUtil.hasPermission(
100                            permissionChecker, message.getGroupId(), MBMessage.class.getName(),
101                            message.getMessageId(), PortletKeys.MESSAGE_BOARDS, actionId);
102    
103                    if (hasPermission != null) {
104                            return hasPermission.booleanValue();
105                    }
106    
107                    if (message.isDraft() || message.isScheduled()) {
108                            if (actionId.equals(ActionKeys.VIEW) &&
109                                    !contains(permissionChecker, message, ActionKeys.UPDATE)) {
110    
111                                    return false;
112                            }
113                    }
114                    else if (message.isPending()) {
115                            hasPermission = WorkflowPermissionUtil.hasPermission(
116                                    permissionChecker, message.getGroupId(),
117                                    message.getWorkflowClassName(), message.getMessageId(),
118                                    actionId);
119    
120                            if (hasPermission != null) {
121                                    return hasPermission.booleanValue();
122                            }
123                    }
124    
125                    if (actionId.equals(ActionKeys.VIEW) &&
126                            PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
127    
128                            long categoryId = message.getCategoryId();
129    
130                            if ((categoryId ==
131                                            MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) ||
132                                    (categoryId == MBCategoryConstants.DISCUSSION_CATEGORY_ID)) {
133    
134                                    if (!MBPermission.contains(
135                                                    permissionChecker, message.getGroupId(), actionId)) {
136    
137                                            return false;
138                                    }
139                            }
140                            else {
141                                    try {
142                                            MBCategory category =
143                                                    MBCategoryLocalServiceUtil.getCategory(categoryId);
144    
145                                            if (!MBCategoryPermission.contains(
146                                                            permissionChecker, category, actionId)) {
147    
148                                                    return false;
149                                            }
150                                    }
151                                    catch (NoSuchCategoryException nsce) {
152                                            if (!message.isInTrash()) {
153                                                    throw nsce;
154                                            }
155                                    }
156                            }
157                    }
158    
159                    if (permissionChecker.hasOwnerPermission(
160                                    message.getCompanyId(), MBMessage.class.getName(),
161                                    message.getRootMessageId(), message.getUserId(), actionId)) {
162    
163                            return true;
164                    }
165    
166                    return permissionChecker.hasPermission(
167                            message.getGroupId(), MBMessage.class.getName(),
168                            message.getMessageId(), actionId);
169            }
170    
171            @Override
172            public void checkBaseModel(
173                            PermissionChecker permissionChecker, long groupId, long primaryKey,
174                            String actionId)
175                    throws PortalException {
176    
177                    check(permissionChecker, primaryKey, actionId);
178            }
179    
180            @Override
181            public Boolean checkResource(
182                            PermissionChecker permissionChecker, long classPK, String actionId)
183                    throws PortalException {
184    
185                    return contains(permissionChecker, classPK, actionId);
186            }
187    
188    }