001
014
015 package com.liferay.portlet.messageboards.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
019 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
020 import com.liferay.portal.security.auth.PrincipalException;
021 import com.liferay.portal.security.permission.ActionKeys;
022 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
023 import com.liferay.portal.security.permission.PermissionChecker;
024 import com.liferay.portal.util.PortletKeys;
025 import com.liferay.portal.util.PropsValues;
026 import com.liferay.portlet.messageboards.NoSuchCategoryException;
027 import com.liferay.portlet.messageboards.model.MBCategory;
028 import com.liferay.portlet.messageboards.model.MBCategoryConstants;
029 import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
030 import com.liferay.portlet.messageboards.service.MBCategoryLocalServiceUtil;
031
032
036 @OSGiBeanProperties(
037 property = {
038 "model.class.name=com.liferay.portlet.messageboards.model.MBCategory"
039 }
040 )
041 public class MBCategoryPermission implements BaseModelPermissionChecker {
042
043 public static void check(
044 PermissionChecker permissionChecker, long groupId, long categoryId,
045 String actionId)
046 throws PortalException {
047
048 if (!contains(permissionChecker, groupId, categoryId, actionId)) {
049 throw new PrincipalException();
050 }
051 }
052
053 public static void check(
054 PermissionChecker permissionChecker, long categoryId,
055 String actionId)
056 throws PortalException {
057
058 if (!contains(permissionChecker, categoryId, actionId)) {
059 throw new PrincipalException();
060 }
061 }
062
063 public static void check(
064 PermissionChecker permissionChecker, MBCategory category,
065 String actionId)
066 throws PortalException {
067
068 if (!contains(permissionChecker, category, actionId)) {
069 throw new PrincipalException();
070 }
071 }
072
073 public static boolean contains(
074 PermissionChecker permissionChecker, long groupId, long categoryId,
075 String actionId)
076 throws PortalException {
077
078 if (MBBanLocalServiceUtil.hasBan(
079 groupId, permissionChecker.getUserId())) {
080
081 return false;
082 }
083
084 if ((categoryId == MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) ||
085 (categoryId == MBCategoryConstants.DISCUSSION_CATEGORY_ID)) {
086
087 return MBPermission.contains(permissionChecker, groupId, actionId);
088 }
089
090 MBCategory category = MBCategoryLocalServiceUtil.getCategory(
091 categoryId);
092
093 return contains(permissionChecker, category, actionId);
094 }
095
096 public static boolean contains(
097 PermissionChecker permissionChecker, long categoryId,
098 String actionId)
099 throws PortalException {
100
101 MBCategory category = MBCategoryLocalServiceUtil.getCategory(
102 categoryId);
103
104 return contains(permissionChecker, category, actionId);
105 }
106
107 public static boolean contains(
108 PermissionChecker permissionChecker, MBCategory category,
109 String actionId)
110 throws PortalException {
111
112 if (MBBanLocalServiceUtil.hasBan(
113 category.getGroupId(), permissionChecker.getUserId())) {
114
115 return false;
116 }
117
118 if (actionId.equals(ActionKeys.ADD_CATEGORY)) {
119 actionId = ActionKeys.ADD_SUBCATEGORY;
120 }
121
122 Boolean hasPermission = StagingPermissionUtil.hasPermission(
123 permissionChecker, category.getGroupId(),
124 MBCategory.class.getName(), category.getCategoryId(),
125 PortletKeys.MESSAGE_BOARDS, actionId);
126
127 if (hasPermission != null) {
128 return hasPermission.booleanValue();
129 }
130
131 if (actionId.equals(ActionKeys.VIEW) &&
132 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
133
134 try {
135 long categoryId = category.getCategoryId();
136
137 while (categoryId !=
138 MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) {
139
140 category = MBCategoryLocalServiceUtil.getCategory(
141 categoryId);
142
143 if (!_hasPermission(
144 permissionChecker, category, actionId)) {
145
146 return false;
147 }
148
149 categoryId = category.getParentCategoryId();
150 }
151 }
152 catch (NoSuchCategoryException nsce) {
153 if (!category.isInTrash()) {
154 throw nsce;
155 }
156 }
157
158 return MBPermission.contains(
159 permissionChecker, category.getGroupId(), actionId);
160 }
161
162 return _hasPermission(permissionChecker, category, actionId);
163 }
164
165 @Override
166 public void checkBaseModel(
167 PermissionChecker permissionChecker, long groupId, long primaryKey,
168 String actionId)
169 throws PortalException {
170
171 check(permissionChecker, groupId, primaryKey, actionId);
172 }
173
174 private static boolean _hasPermission(
175 PermissionChecker permissionChecker, MBCategory category,
176 String actionId) {
177
178 if (permissionChecker.hasOwnerPermission(
179 category.getCompanyId(), MBCategory.class.getName(),
180 category.getCategoryId(), category.getUserId(), actionId) ||
181 permissionChecker.hasPermission(
182 category.getGroupId(), MBCategory.class.getName(),
183 category.getCategoryId(), actionId)) {
184
185 return true;
186 }
187
188 return false;
189 }
190
191 }