001
014
015 package com.liferay.portlet.documentlibrary.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.repository.model.FileEntry;
019 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
020 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
021 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
022 import com.liferay.portal.security.auth.PrincipalException;
023 import com.liferay.portal.security.permission.ActionKeys;
024 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
025 import com.liferay.portal.security.permission.PermissionChecker;
026 import com.liferay.portal.util.PortletKeys;
027 import com.liferay.portal.util.PropsValues;
028 import com.liferay.portlet.documentlibrary.NoSuchFolderException;
029 import com.liferay.portlet.documentlibrary.model.DLFileEntry;
030 import com.liferay.portlet.documentlibrary.model.DLFileVersion;
031 import com.liferay.portlet.documentlibrary.model.DLFolder;
032 import com.liferay.portlet.documentlibrary.model.DLFolderConstants;
033 import com.liferay.portlet.documentlibrary.service.DLAppLocalServiceUtil;
034 import com.liferay.portlet.documentlibrary.service.DLFolderLocalServiceUtil;
035
036
040 @OSGiBeanProperties(
041 property = {
042 "model.class.name=com.liferay.portlet.documentlibrary.model.DLFileEntry"
043 }
044 )
045 public class DLFileEntryPermission implements BaseModelPermissionChecker {
046
047 public static void check(
048 PermissionChecker permissionChecker, DLFileEntry dlFileEntry,
049 String actionId)
050 throws PortalException {
051
052 if (!contains(permissionChecker, dlFileEntry, actionId)) {
053 throw new PrincipalException();
054 }
055 }
056
057 public static void check(
058 PermissionChecker permissionChecker, FileEntry fileEntry,
059 String actionId)
060 throws PortalException {
061
062 if (!fileEntry.containsPermission(permissionChecker, actionId)) {
063 throw new PrincipalException();
064 }
065 }
066
067 public static void check(
068 PermissionChecker permissionChecker, long fileEntryId,
069 String actionId)
070 throws PortalException {
071
072 if (!contains(permissionChecker, fileEntryId, actionId)) {
073 throw new PrincipalException();
074 }
075 }
076
077 public static boolean contains(
078 PermissionChecker permissionChecker, DLFileEntry dlFileEntry,
079 String actionId)
080 throws PortalException {
081
082 Boolean hasPermission = StagingPermissionUtil.hasPermission(
083 permissionChecker, dlFileEntry.getGroupId(),
084 DLFileEntry.class.getName(), dlFileEntry.getFileEntryId(),
085 PortletKeys.DOCUMENT_LIBRARY, actionId);
086
087 if (hasPermission != null) {
088 return hasPermission.booleanValue();
089 }
090
091 DLFileVersion latestDLFileVersion = dlFileEntry.getLatestFileVersion(
092 true);
093
094 if (latestDLFileVersion.isPending()) {
095 hasPermission = WorkflowPermissionUtil.hasPermission(
096 permissionChecker, dlFileEntry.getGroupId(),
097 DLFileEntry.class.getName(), dlFileEntry.getFileEntryId(),
098 actionId);
099
100 if (hasPermission != null) {
101 return hasPermission.booleanValue();
102 }
103 }
104
105 if (actionId.equals(ActionKeys.VIEW) &&
106 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
107
108 long dlFolderId = dlFileEntry.getFolderId();
109
110 if (dlFolderId == DLFolderConstants.DEFAULT_PARENT_FOLDER_ID) {
111 if (!DLPermission.contains(
112 permissionChecker, dlFileEntry.getGroupId(),
113 actionId)) {
114
115 return false;
116 }
117 }
118 else {
119 try {
120 DLFolder dlFolder = DLFolderLocalServiceUtil.getFolder(
121 dlFolderId);
122
123 if (!DLFolderPermission.contains(
124 permissionChecker, dlFolder, ActionKeys.ACCESS) &&
125 !DLFolderPermission.contains(
126 permissionChecker, dlFolder, ActionKeys.VIEW)) {
127
128 return false;
129 }
130 }
131 catch (NoSuchFolderException nsfe) {
132 if (!dlFileEntry.isInTrash()) {
133 throw nsfe;
134 }
135 }
136 }
137 }
138
139 if (permissionChecker.hasOwnerPermission(
140 dlFileEntry.getCompanyId(), DLFileEntry.class.getName(),
141 dlFileEntry.getFileEntryId(), dlFileEntry.getUserId(),
142 actionId)) {
143
144 return true;
145 }
146
147 return permissionChecker.hasPermission(
148 dlFileEntry.getGroupId(), DLFileEntry.class.getName(),
149 dlFileEntry.getFileEntryId(), actionId);
150 }
151
152 public static boolean contains(
153 PermissionChecker permissionChecker, FileEntry fileEntry,
154 String actionId)
155 throws PortalException {
156
157 return fileEntry.containsPermission(permissionChecker, actionId);
158 }
159
160 public static boolean contains(
161 PermissionChecker permissionChecker, long fileEntryId,
162 String actionId)
163 throws PortalException {
164
165 FileEntry fileEntry = DLAppLocalServiceUtil.getFileEntry(fileEntryId);
166
167 return fileEntry.containsPermission(permissionChecker, actionId);
168 }
169
170 @Override
171 public void checkBaseModel(
172 PermissionChecker permissionChecker, long groupId, long primaryKey,
173 String actionId)
174 throws PortalException {
175
176 check(permissionChecker, primaryKey, actionId);
177 }
178
179 }