001
014
015 package com.liferay.portlet.messageboards.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
019 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
020 import com.liferay.portal.kernel.workflow.WorkflowInstance;
021 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
022 import com.liferay.portal.security.auth.PrincipalException;
023 import com.liferay.portal.security.permission.ActionKeys;
024 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
025 import com.liferay.portal.security.permission.BaseModelPermissionCheckerUtil;
026 import com.liferay.portal.security.permission.PermissionChecker;
027 import com.liferay.portal.security.permission.ResourceActionsUtil;
028 import com.liferay.portal.util.PortletKeys;
029 import com.liferay.portal.util.PropsValues;
030 import com.liferay.portlet.messageboards.model.MBDiscussion;
031 import com.liferay.portlet.messageboards.model.MBMessage;
032 import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
033 import com.liferay.portlet.messageboards.service.MBDiscussionLocalServiceUtil;
034 import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
035
036 import java.util.List;
037
038
042 @OSGiBeanProperties(
043 property = {
044 "model.class.name=com.liferay.portlet.messageboards.model.MBDiscussion"
045 }
046 )
047 public class MBDiscussionPermission implements BaseModelPermissionChecker {
048
049 public static void check(
050 PermissionChecker permissionChecker, long companyId, long groupId,
051 String className, long classPK, long messageId, long ownerId,
052 String actionId)
053 throws PortalException {
054
055 if (!contains(
056 permissionChecker, companyId, groupId, className, classPK,
057 messageId, ownerId, actionId)) {
058
059 throw new PrincipalException();
060 }
061 }
062
063 public static void check(
064 PermissionChecker permissionChecker, long companyId, long groupId,
065 String className, long classPK, long ownerId, String actionId)
066 throws PortalException {
067
068 if (!contains(
069 permissionChecker, companyId, groupId, className, classPK,
070 ownerId, actionId)) {
071
072 throw new PrincipalException();
073 }
074 }
075
076 public static boolean contains(
077 PermissionChecker permissionChecker, long companyId, long groupId,
078 String className, long classPK, long messageId, long ownerId,
079 String actionId)
080 throws PortalException {
081
082 MBMessage message = MBMessageLocalServiceUtil.getMessage(messageId);
083
084 if (className.equals(WorkflowInstance.class.getName())) {
085 return permissionChecker.hasPermission(
086 message.getGroupId(), PortletKeys.WORKFLOW_DEFINITIONS,
087 message.getGroupId(), ActionKeys.VIEW);
088 }
089
090 if (PropsValues.DISCUSSION_COMMENTS_ALWAYS_EDITABLE_BY_OWNER &&
091 (permissionChecker.getUserId() == message.getUserId())) {
092
093 return true;
094 }
095
096 if (message.isPending()) {
097 Boolean hasPermission = WorkflowPermissionUtil.hasPermission(
098 permissionChecker, message.getGroupId(),
099 message.getWorkflowClassName(), message.getMessageId(),
100 actionId);
101
102 if (hasPermission != null) {
103 return hasPermission.booleanValue();
104 }
105 }
106
107 return contains(
108 permissionChecker, companyId, groupId, className, classPK, ownerId,
109 actionId);
110 }
111
112 public static boolean contains(
113 PermissionChecker permissionChecker, long companyId, long groupId,
114 String className, long classPK, long ownerId, String actionId) {
115
116 if (MBBanLocalServiceUtil.hasBan(
117 groupId, permissionChecker.getUserId())) {
118
119 return false;
120 }
121
122 Boolean hasPermission = StagingPermissionUtil.hasPermission(
123 permissionChecker, groupId, className, classPK,
124 PortletKeys.MESSAGE_BOARDS, actionId);
125
126 if (hasPermission != null) {
127 return hasPermission.booleanValue();
128 }
129
130 List<String> resourceActions = ResourceActionsUtil.getResourceActions(
131 className);
132
133 if (!resourceActions.contains(actionId)) {
134 return true;
135 }
136
137 if ((ownerId > 0) &&
138 permissionChecker.hasOwnerPermission(
139 companyId, className, classPK, ownerId, actionId)) {
140
141 return true;
142 }
143
144 hasPermission =
145 BaseModelPermissionCheckerUtil.containsBaseModelPermission(
146 permissionChecker, groupId, className, classPK, actionId);
147
148 if (hasPermission != null) {
149 return hasPermission.booleanValue();
150 }
151
152 return permissionChecker.hasPermission(
153 groupId, className, classPK, actionId);
154 }
155
156 @Override
157 public void checkBaseModel(
158 PermissionChecker permissionChecker, long groupId, long primaryKey,
159 String actionId)
160 throws PortalException {
161
162 MBDiscussion mbDiscussion =
163 MBDiscussionLocalServiceUtil.getMBDiscussion(primaryKey);
164
165 check(
166 permissionChecker, mbDiscussion.getCompanyId(), groupId,
167 mbDiscussion.getClassName(), mbDiscussion.getClassPK(), primaryKey,
168 actionId);
169 }
170
171 }