001
014
015 package com.liferay.portlet.journal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
019 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
020 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
021 import com.liferay.portal.security.auth.PrincipalException;
022 import com.liferay.portal.security.permission.ActionKeys;
023 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
024 import com.liferay.portal.security.permission.PermissionChecker;
025 import com.liferay.portal.util.PortletKeys;
026 import com.liferay.portal.util.PropsValues;
027 import com.liferay.portlet.journal.NoSuchFolderException;
028 import com.liferay.portlet.journal.model.JournalArticle;
029 import com.liferay.portlet.journal.model.JournalFolder;
030 import com.liferay.portlet.journal.model.JournalFolderConstants;
031 import com.liferay.portlet.journal.service.JournalArticleLocalServiceUtil;
032 import com.liferay.portlet.journal.service.JournalFolderLocalServiceUtil;
033
034
038 @OSGiBeanProperties(
039 property = {
040 "model.class.name=com.liferay.portlet.journal.model.JournalArticle"
041 }
042 )
043 public class JournalArticlePermission implements BaseModelPermissionChecker {
044
045 public static void check(
046 PermissionChecker permissionChecker, JournalArticle article,
047 String actionId)
048 throws PortalException {
049
050 if (!contains(permissionChecker, article, actionId)) {
051 throw new PrincipalException();
052 }
053 }
054
055 public static void check(
056 PermissionChecker permissionChecker, long resourcePrimKey,
057 String actionId)
058 throws PortalException {
059
060 if (!contains(permissionChecker, resourcePrimKey, actionId)) {
061 throw new PrincipalException();
062 }
063 }
064
065 public static void check(
066 PermissionChecker permissionChecker, long groupId, String articleId,
067 double version, String actionId)
068 throws PortalException {
069
070 if (!contains(
071 permissionChecker, groupId, articleId, version, actionId)) {
072
073 throw new PrincipalException();
074 }
075 }
076
077 public static void check(
078 PermissionChecker permissionChecker, long groupId, String articleId,
079 int status, String actionId)
080 throws PortalException {
081
082 if (!contains(
083 permissionChecker, groupId, articleId, status, actionId)) {
084
085 throw new PrincipalException();
086 }
087 }
088
089 public static void check(
090 PermissionChecker permissionChecker, long groupId, String articleId,
091 String actionId)
092 throws PortalException {
093
094 if (!contains(permissionChecker, groupId, articleId, actionId)) {
095 throw new PrincipalException();
096 }
097 }
098
099 public static boolean contains(
100 PermissionChecker permissionChecker, JournalArticle article,
101 String actionId)
102 throws PortalException {
103
104 Boolean hasPermission = StagingPermissionUtil.hasPermission(
105 permissionChecker, article.getGroupId(),
106 JournalArticle.class.getName(), article.getResourcePrimKey(),
107 PortletKeys.JOURNAL, actionId);
108
109 if (hasPermission != null) {
110 return hasPermission.booleanValue();
111 }
112
113 if (article.isDraft() || article.isScheduled()) {
114 if (actionId.equals(ActionKeys.VIEW) &&
115 !contains(permissionChecker, article, ActionKeys.UPDATE)) {
116
117 return false;
118 }
119 }
120 else if (article.isPending()) {
121 hasPermission = WorkflowPermissionUtil.hasPermission(
122 permissionChecker, article.getGroupId(),
123 JournalArticle.class.getName(), article.getResourcePrimKey(),
124 actionId);
125
126 if (hasPermission != null) {
127 return hasPermission.booleanValue();
128 }
129 }
130
131 if (actionId.equals(ActionKeys.VIEW) &&
132 !PropsValues.JOURNAL_ARTICLE_VIEW_PERMISSION_CHECK_ENABLED) {
133
134 return true;
135 }
136
137 if (actionId.equals(ActionKeys.VIEW) &&
138 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
139
140 long folderId = article.getFolderId();
141
142 if (folderId == JournalFolderConstants.DEFAULT_PARENT_FOLDER_ID) {
143 if (!JournalPermission.contains(
144 permissionChecker, article.getGroupId(), actionId)) {
145
146 return false;
147 }
148 }
149 else {
150 try {
151 JournalFolder folder =
152 JournalFolderLocalServiceUtil.getFolder(folderId);
153
154 if (!JournalFolderPermission.contains(
155 permissionChecker, folder, ActionKeys.ACCESS) &&
156 !JournalFolderPermission.contains(
157 permissionChecker, folder, ActionKeys.VIEW)) {
158
159 return false;
160 }
161 }
162 catch (NoSuchFolderException nsfe) {
163 if (!article.isInTrash()) {
164 throw nsfe;
165 }
166 }
167 }
168 }
169
170 if (permissionChecker.hasOwnerPermission(
171 article.getCompanyId(), JournalArticle.class.getName(),
172 article.getResourcePrimKey(), article.getUserId(), actionId)) {
173
174 return true;
175 }
176
177 return permissionChecker.hasPermission(
178 article.getGroupId(), JournalArticle.class.getName(),
179 article.getResourcePrimKey(), actionId);
180 }
181
182 public static boolean contains(
183 PermissionChecker permissionChecker, long classPK, String actionId)
184 throws PortalException {
185
186 JournalArticle article =
187 JournalArticleLocalServiceUtil.fetchLatestArticle(classPK);
188
189 if (article == null) {
190 article = JournalArticleLocalServiceUtil.getArticle(classPK);
191 }
192
193 return contains(permissionChecker, article, actionId);
194 }
195
196 public static boolean contains(
197 PermissionChecker permissionChecker, long groupId, String articleId,
198 double version, String actionId)
199 throws PortalException {
200
201 JournalArticle article = JournalArticleLocalServiceUtil.getArticle(
202 groupId, articleId, version);
203
204 return contains(permissionChecker, article, actionId);
205 }
206
207 public static boolean contains(
208 PermissionChecker permissionChecker, long groupId, String articleId,
209 int status, String actionId)
210 throws PortalException {
211
212 JournalArticle article =
213 JournalArticleLocalServiceUtil.getLatestArticle(
214 groupId, articleId, status);
215
216 return contains(permissionChecker, article, actionId);
217 }
218
219 public static boolean contains(
220 PermissionChecker permissionChecker, long groupId, String articleId,
221 String actionId)
222 throws PortalException {
223
224 JournalArticle article = JournalArticleLocalServiceUtil.getArticle(
225 groupId, articleId);
226
227 return contains(permissionChecker, article, actionId);
228 }
229
230 @Override
231 public void checkBaseModel(
232 PermissionChecker permissionChecker, long groupId, long primaryKey,
233 String actionId)
234 throws PortalException {
235
236 check(permissionChecker, primaryKey, actionId);
237 }
238
239 }