001
014
015 package com.liferay.portlet.wiki.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
019 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
020 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
021 import com.liferay.portal.security.auth.PrincipalException;
022 import com.liferay.portal.security.permission.ActionKeys;
023 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
024 import com.liferay.portal.security.permission.PermissionChecker;
025 import com.liferay.portal.security.permission.ResourcePermissionChecker;
026 import com.liferay.portal.util.PortletKeys;
027 import com.liferay.portal.util.PropsValues;
028 import com.liferay.portlet.wiki.NoSuchPageException;
029 import com.liferay.portlet.wiki.model.WikiNode;
030 import com.liferay.portlet.wiki.model.WikiPage;
031 import com.liferay.portlet.wiki.service.WikiPageLocalServiceUtil;
032
033
036 @OSGiBeanProperties(
037 property = {"model.class.name=com.liferay.portlet.wiki.model.WikiPage"}
038 )
039 public class WikiPagePermission
040 implements BaseModelPermissionChecker, ResourcePermissionChecker {
041
042 public static void check(
043 PermissionChecker permissionChecker, long resourcePrimKey,
044 String actionId)
045 throws PortalException {
046
047 if (!contains(permissionChecker, resourcePrimKey, actionId)) {
048 throw new PrincipalException();
049 }
050 }
051
052 public static void check(
053 PermissionChecker permissionChecker, long nodeId, String title,
054 double version, String actionId)
055 throws PortalException {
056
057 if (!contains(permissionChecker, nodeId, title, version, actionId)) {
058 throw new PrincipalException();
059 }
060 }
061
062 public static void check(
063 PermissionChecker permissionChecker, long nodeId, String title,
064 String actionId)
065 throws PortalException {
066
067 if (!contains(permissionChecker, nodeId, title, actionId)) {
068 throw new PrincipalException();
069 }
070 }
071
072 public static void check(
073 PermissionChecker permissionChecker, WikiPage page, String actionId)
074 throws PortalException {
075
076 if (!contains(permissionChecker, page, actionId)) {
077 throw new PrincipalException();
078 }
079 }
080
081 public static boolean contains(
082 PermissionChecker permissionChecker, long classPK, String actionId)
083 throws PortalException {
084
085 WikiPage page = WikiPageLocalServiceUtil.fetchPage(classPK);
086
087 if (page == null) {
088 page = WikiPageLocalServiceUtil.getPageByPageId(classPK);
089 }
090
091 return contains(permissionChecker, page, actionId);
092 }
093
094 public static boolean contains(
095 PermissionChecker permissionChecker, long nodeId, String title,
096 double version, String actionId)
097 throws PortalException {
098
099 try {
100 WikiPage page = WikiPageLocalServiceUtil.getPage(
101 nodeId, title, version);
102
103 return contains(permissionChecker, page, actionId);
104 }
105 catch (NoSuchPageException nspe) {
106 return WikiNodePermission.contains(
107 permissionChecker, nodeId, ActionKeys.VIEW);
108 }
109 }
110
111 public static boolean contains(
112 PermissionChecker permissionChecker, long nodeId, String title,
113 String actionId)
114 throws PortalException {
115
116 try {
117 WikiPage page = WikiPageLocalServiceUtil.getPage(
118 nodeId, title, null);
119
120 return contains(permissionChecker, page, actionId);
121 }
122 catch (NoSuchPageException nspe) {
123 return WikiNodePermission.contains(
124 permissionChecker, nodeId, ActionKeys.VIEW);
125 }
126 }
127
128 public static boolean contains(
129 PermissionChecker permissionChecker, WikiPage page, String actionId) {
130
131 Boolean hasPermission = StagingPermissionUtil.hasPermission(
132 permissionChecker, page.getGroupId(), WikiPage.class.getName(),
133 page.getPageId(), PortletKeys.WIKI, actionId);
134
135 if (hasPermission != null) {
136 return hasPermission.booleanValue();
137 }
138
139 if (page.isDraft()) {
140 if (actionId.equals(ActionKeys.VIEW) &&
141 !contains(permissionChecker, page, ActionKeys.UPDATE)) {
142
143 return false;
144 }
145
146 if (actionId.equals(ActionKeys.DELETE) &&
147 (page.getStatusByUserId() == permissionChecker.getUserId())) {
148
149 return true;
150 }
151 }
152 else if (page.isPending()) {
153 hasPermission = WorkflowPermissionUtil.hasPermission(
154 permissionChecker, page.getGroupId(), WikiPage.class.getName(),
155 page.getResourcePrimKey(), actionId);
156
157 if ((hasPermission != null) && hasPermission.booleanValue()) {
158 return true;
159 }
160 }
161 else if (page.isScheduled()) {
162 if (actionId.equals(ActionKeys.VIEW) &&
163 !contains(permissionChecker, page, ActionKeys.UPDATE)) {
164
165 return false;
166 }
167 }
168
169 if (actionId.equals(ActionKeys.VIEW)) {
170 WikiPage redirectPage = page.fetchRedirectPage();
171
172 if (redirectPage != null) {
173 page = redirectPage;
174 }
175
176 if (PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
177 WikiNode node = page.getNode();
178
179 if (!WikiNodePermission.contains(
180 permissionChecker, node, actionId)) {
181
182 return false;
183 }
184
185 while (page != null) {
186 if (!_hasPermission(permissionChecker, page, actionId)) {
187 return false;
188 }
189
190 page = page.fetchParentPage();
191 }
192
193 return true;
194 }
195 }
196
197 return _hasPermission(permissionChecker, page, actionId);
198 }
199
200 @Override
201 public void checkBaseModel(
202 PermissionChecker permissionChecker, long groupId, long primaryKey,
203 String actionId)
204 throws PortalException {
205
206 check(permissionChecker, primaryKey, actionId);
207 }
208
209 @Override
210 public Boolean checkResource(
211 PermissionChecker permissionChecker, long classPK, String actionId)
212 throws PortalException {
213
214 return contains(permissionChecker, classPK, actionId);
215 }
216
217 private static boolean _hasPermission(
218 PermissionChecker permissionChecker, WikiPage page, String actionId) {
219
220 if (permissionChecker.hasOwnerPermission(
221 page.getCompanyId(), WikiPage.class.getName(),
222 page.getResourcePrimKey(), page.getUserId(), actionId) ||
223 permissionChecker.hasPermission(
224 page.getGroupId(), WikiPage.class.getName(),
225 page.getResourcePrimKey(), actionId)) {
226
227 return true;
228 }
229
230 return false;
231 }
232
233 }