001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.model.Group;
019    import com.liferay.portal.model.Role;
020    import com.liferay.portal.model.RoleConstants;
021    import com.liferay.portal.model.UserGroupRole;
022    import com.liferay.portal.security.membershippolicy.OrganizationMembershipPolicyUtil;
023    import com.liferay.portal.security.membershippolicy.SiteMembershipPolicyUtil;
024    import com.liferay.portal.service.base.UserGroupRoleServiceBaseImpl;
025    import com.liferay.portal.service.permission.UserGroupRolePermissionUtil;
026    import com.liferay.portal.service.persistence.UserGroupRolePK;
027    
028    import java.util.ArrayList;
029    import java.util.List;
030    
031    /**
032     * @author Brian Wing Shun Chan
033     */
034    public class UserGroupRoleServiceImpl extends UserGroupRoleServiceBaseImpl {
035    
036            @Override
037            public void addUserGroupRoles(long userId, long groupId, long[] roleIds)
038                    throws PortalException {
039    
040                    List<UserGroupRole> organizationUserGroupRoles =
041                            new ArrayList<UserGroupRole>();
042                    List<UserGroupRole> siteUserGroupRoles = new ArrayList<UserGroupRole>();
043    
044                    Group group = groupLocalService.getGroup(groupId);
045    
046                    for (long roleId : roleIds) {
047                            Role role = rolePersistence.findByPrimaryKey(roleId);
048    
049                            UserGroupRolePermissionUtil.check(
050                                    getPermissionChecker(), group, role);
051    
052                            UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
053                                    userId, groupId, roleId);
054    
055                            UserGroupRole userGroupRole = userGroupRolePersistence.create(
056                                    userGroupRolePK);
057    
058                            if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
059                                    organizationUserGroupRoles.add(userGroupRole);
060                            }
061                            else if (role.getType() == RoleConstants.TYPE_SITE) {
062                                    siteUserGroupRoles.add(userGroupRole);
063                            }
064                    }
065    
066                    if (!siteUserGroupRoles.isEmpty()) {
067                            SiteMembershipPolicyUtil.checkRoles(siteUserGroupRoles, null);
068                    }
069    
070                    if (!organizationUserGroupRoles.isEmpty()) {
071                            OrganizationMembershipPolicyUtil.checkRoles(
072                                    organizationUserGroupRoles, null);
073                    }
074    
075                    userGroupRoleLocalService.addUserGroupRoles(userId, groupId, roleIds);
076    
077                    if (!siteUserGroupRoles.isEmpty()) {
078                            SiteMembershipPolicyUtil.propagateRoles(siteUserGroupRoles, null);
079                    }
080    
081                    if (!organizationUserGroupRoles.isEmpty()) {
082                            OrganizationMembershipPolicyUtil.propagateRoles(
083                                    organizationUserGroupRoles, null);
084                    }
085            }
086    
087            @Override
088            public void addUserGroupRoles(long[] userIds, long groupId, long roleId)
089                    throws PortalException {
090    
091                    UserGroupRolePermissionUtil.check(
092                            getPermissionChecker(), groupId, roleId);
093    
094                    List<UserGroupRole> userGroupRoles = new ArrayList<UserGroupRole>();
095    
096                    for (long userId : userIds) {
097                            UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
098                                    userId, groupId, roleId);
099    
100                            UserGroupRole userGroupRole = userGroupRolePersistence.create(
101                                    userGroupRolePK);
102    
103                            userGroupRoles.add(userGroupRole);
104                    }
105    
106                    if (userGroupRoles.isEmpty()) {
107                            return;
108                    }
109    
110                    Role role = rolePersistence.findByPrimaryKey(roleId);
111    
112                    if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
113                            OrganizationMembershipPolicyUtil.checkRoles(userGroupRoles, null);
114                    }
115                    else if (role.getType() == RoleConstants.TYPE_SITE) {
116                            SiteMembershipPolicyUtil.checkRoles(userGroupRoles, null);
117                    }
118    
119                    userGroupRoleLocalService.addUserGroupRoles(userIds, groupId, roleId);
120    
121                    if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
122                            OrganizationMembershipPolicyUtil.propagateRoles(
123                                    userGroupRoles, null);
124                    }
125                    else if (role.getType() == RoleConstants.TYPE_SITE) {
126                            SiteMembershipPolicyUtil.propagateRoles(userGroupRoles, null);
127                    }
128            }
129    
130            @Override
131            public void deleteUserGroupRoles(long userId, long groupId, long[] roleIds)
132                    throws PortalException {
133    
134                    List<UserGroupRole> filteredOrganizationUserGroupRoles =
135                            new ArrayList<UserGroupRole>();
136                    List<UserGroupRole> filteredSiteUserGroupRoles =
137                            new ArrayList<UserGroupRole>();
138    
139                    Group group = groupLocalService.getGroup(groupId);
140    
141                    for (long roleId : roleIds) {
142                            Role role = roleLocalService.getRole(roleId);
143    
144                            UserGroupRolePermissionUtil.check(
145                                    getPermissionChecker(), group, role);
146    
147                            UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
148                                    userId, groupId, roleId);
149    
150                            UserGroupRole userGroupRole = userGroupRolePersistence.create(
151                                    userGroupRolePK);
152    
153                            if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
154                                    if (!OrganizationMembershipPolicyUtil.isRoleProtected(
155                                                    getPermissionChecker(), userId,
156                                                    group.getOrganizationId(), roleId)) {
157    
158                                            filteredOrganizationUserGroupRoles.add(userGroupRole);
159                                    }
160                            }
161                            else if ((role.getType() == RoleConstants.TYPE_SITE) &&
162                                             !SiteMembershipPolicyUtil.isRoleProtected(
163                                                    getPermissionChecker(), userId, groupId, roleId)) {
164    
165                                            filteredSiteUserGroupRoles.add(userGroupRole);
166                            }
167                    }
168    
169                    if (filteredOrganizationUserGroupRoles.isEmpty() &&
170                            filteredSiteUserGroupRoles.isEmpty()) {
171    
172                            return;
173                    }
174    
175                    if (!filteredOrganizationUserGroupRoles.isEmpty()) {
176                            OrganizationMembershipPolicyUtil.checkRoles(
177                                    null, filteredOrganizationUserGroupRoles);
178                    }
179    
180                    if (!filteredSiteUserGroupRoles.isEmpty()) {
181                            SiteMembershipPolicyUtil.checkRoles(
182                                    null, filteredSiteUserGroupRoles);
183                    }
184    
185                    userGroupRoleLocalService.deleteUserGroupRoles(
186                            userId, groupId, roleIds);
187    
188                    if (!filteredOrganizationUserGroupRoles.isEmpty()) {
189                            OrganizationMembershipPolicyUtil.propagateRoles(
190                                    null, filteredOrganizationUserGroupRoles);
191                    }
192    
193                    if (!filteredSiteUserGroupRoles.isEmpty()) {
194                            SiteMembershipPolicyUtil.propagateRoles(
195                                    null, filteredSiteUserGroupRoles);
196                    }
197            }
198    
199            @Override
200            public void deleteUserGroupRoles(long[] userIds, long groupId, long roleId)
201                    throws PortalException {
202    
203                    UserGroupRolePermissionUtil.check(
204                            getPermissionChecker(), groupId, roleId);
205    
206                    List<UserGroupRole> filteredUserGroupRoles =
207                            new ArrayList<UserGroupRole>();
208    
209                    Role role = rolePersistence.findByPrimaryKey(roleId);
210    
211                    for (long userId : userIds) {
212                            UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
213                                    userId, groupId, roleId);
214    
215                            UserGroupRole userGroupRole = userGroupRolePersistence.create(
216                                    userGroupRolePK);
217    
218                            if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
219                                    Group group = groupPersistence.findByPrimaryKey(groupId);
220    
221                                    if (!OrganizationMembershipPolicyUtil.isRoleProtected(
222                                                    getPermissionChecker(), userId,
223                                                    group.getOrganizationId(), roleId)) {
224    
225                                            filteredUserGroupRoles.add(userGroupRole);
226                                    }
227                            }
228                            else if ((role.getType() == RoleConstants.TYPE_SITE) &&
229                                             !SiteMembershipPolicyUtil.isRoleProtected(
230                                                     getPermissionChecker(), userId, groupId, roleId)) {
231    
232                                            filteredUserGroupRoles.add(userGroupRole);
233                            }
234                    }
235    
236                    if (filteredUserGroupRoles.isEmpty()) {
237                            return;
238                    }
239    
240                    if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
241                            OrganizationMembershipPolicyUtil.checkRoles(
242                                    null, filteredUserGroupRoles);
243                    }
244                    else if (role.getType() == RoleConstants.TYPE_SITE) {
245                            SiteMembershipPolicyUtil.checkRoles(null, filteredUserGroupRoles);
246                    }
247    
248                    userGroupRoleLocalService.deleteUserGroupRoles(
249                            userIds, groupId, roleId);
250    
251                    if (role.getType() == RoleConstants.TYPE_SITE) {
252                            SiteMembershipPolicyUtil.propagateRoles(
253                                    null, filteredUserGroupRoles);
254                    }
255                    else if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
256                            OrganizationMembershipPolicyUtil.propagateRoles(
257                                    null, filteredUserGroupRoles);
258                    }
259            }
260    
261    }