001 /** 002 * Copyright (c) 2000-present Liferay, Inc. All rights reserved. 003 * 004 * This library is free software; you can redistribute it and/or modify it under 005 * the terms of the GNU Lesser General Public License as published by the Free 006 * Software Foundation; either version 2.1 of the License, or (at your option) 007 * any later version. 008 * 009 * This library is distributed in the hope that it will be useful, but WITHOUT 010 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 011 * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more 012 * details. 013 */ 014 015 package com.liferay.portal.security.permission; 016 017 import aQute.bnd.annotation.ProviderType; 018 019 import com.liferay.portal.model.User; 020 021 import java.util.List; 022 023 import javax.portlet.PortletRequest; 024 025 /** 026 * @author Brian Wing Shun Chan 027 */ 028 @ProviderType 029 public interface PermissionChecker extends Cloneable { 030 031 public static final long[] DEFAULT_ROLE_IDS = {}; 032 033 public PermissionChecker clone(); 034 035 /** 036 * Returns the primary key of the user's company. 037 * 038 * @return the primary key of the user's company 039 */ 040 public long getCompanyId(); 041 042 public List<Long> getGuestResourceBlockIds( 043 long companyId, long groupId, String name, String actionId); 044 045 public List<Long> getOwnerResourceBlockIds( 046 long companyId, long groupId, String name, String actionId); 047 048 /** 049 * Returns the primary key of the owner role. This role is automatically 050 * given to the creator of a resource. 051 * 052 * @return the primary key of the owner role 053 */ 054 public long getOwnerRoleId(); 055 056 public List<Long> getResourceBlockIds( 057 long companyId, long groupId, long userId, String name, 058 String actionId); 059 060 /** 061 * Returns the primary keys of the roles the user has within the group. 062 * 063 * @param userId the primary key of the user 064 * @param groupId the primary key of the group 065 * @return the primary keys of the roles the user has within the group 066 */ 067 public long[] getRoleIds(long userId, long groupId); 068 069 public User getUser(); 070 071 /** 072 * Returns the primary key of the user. 073 * 074 * @return the primary key of the user 075 */ 076 public long getUserId(); 077 078 /** 079 * Returns <code>true</code> if the user is the owner of the resource and 080 * has permission to perform the action. 081 * 082 * @param companyId the primary key of the user's company 083 * @param name the resource's name, which can be either a class name or a 084 * portlet ID 085 * @param primKey the primary key of the resource 086 * @param ownerId the primary key of the resource's owner 087 * @param actionId the action ID 088 * @return <code>true</code> if the user is the owner of the resource and 089 * has permission to perform the action; <code>false</code> 090 * otherwise 091 */ 092 public boolean hasOwnerPermission( 093 long companyId, String name, long primKey, long ownerId, 094 String actionId); 095 096 /** 097 * Returns <code>true</code> if the user is the owner of the resource and 098 * has permission to perform the action. 099 * 100 * @param companyId the primary key of the user's company 101 * @param name the resource's name, which can be either a class name or a 102 * portlet ID 103 * @param primKey the primary key of the resource 104 * @param ownerId the primary key of the resource's owner 105 * @param actionId the action ID 106 * @return <code>true</code> if the user is the owner of the resource and 107 * has permission to perform the action; <code>false</code> 108 * otherwise 109 */ 110 public boolean hasOwnerPermission( 111 long companyId, String name, String primKey, long ownerId, 112 String actionId); 113 114 /** 115 * Returns <code>true</code> if the user has permission to perform the 116 * action on the resource. 117 * 118 * @param groupId the primary key of the group containing the resource 119 * @param name the resource's name, which can be either a class name or a 120 * portlet ID 121 * @param primKey the primary key of the resource 122 * @param actionId the action ID 123 * @return <code>true</code> if the user has permission to perform the 124 * action on the resource; <code>false</code> otherwise 125 */ 126 public boolean hasPermission( 127 long groupId, String name, long primKey, String actionId); 128 129 /** 130 * Returns <code>true</code> if the user has permission to perform the 131 * action on the resource. 132 * 133 * @param groupId the primary key of the group containing the resource 134 * @param name the resource's name, which can be either a class name or a 135 * portlet ID 136 * @param primKey the primary key of the resource 137 * @param actionId the action ID 138 * @return <code>true</code> if the user has permission to perform the 139 * action on the resource; <code>false</code> otherwise 140 */ 141 public boolean hasPermission( 142 long groupId, String name, String primKey, String actionId); 143 144 /** 145 * Returns <code>true</code> if the user has permission to perform the 146 * action on the resource without using guest permissions. 147 * 148 * @param groupId the primary key of the group containing the resource 149 * @param name the resource's name, which can be either a class name or a 150 * portlet ID 151 * @param primKey the primary key of the resource 152 * @param actionId the action ID 153 * @param checkAdmin whether to use permissions gained from administrator 154 * roles 155 * @return <code>true</code> if the user has permission to perform the 156 * action on the resource without using guest permissions; 157 * <code>false</code> otherwise 158 */ 159 public boolean hasUserPermission( 160 long groupId, String name, String primKey, String actionId, 161 boolean checkAdmin); 162 163 /** 164 * Initializes this permission checker. 165 * 166 * @param user the current user 167 */ 168 public void init(User user); 169 170 /** 171 * Returns <code>true</code> if guest permissions will be used in permission 172 * checks. 173 * 174 * @return <code>true</code> if guest permissions will be used in permission 175 * checks; <code>false</code> otherwise 176 */ 177 public boolean isCheckGuest(); 178 179 /** 180 * @deprecated As of 6.1.0, renamed to {@link #isGroupAdmin(long)} 181 */ 182 @Deprecated 183 public boolean isCommunityAdmin(long groupId); 184 185 /** 186 * @deprecated As of 6.1.0, renamed to {@link #isGroupOwner(long)} 187 */ 188 @Deprecated 189 public boolean isCommunityOwner(long groupId); 190 191 /** 192 * Returns <code>true</code> if the user is an administrator of their 193 * company. 194 * 195 * @return <code>true</code> if the user is an administrator of their 196 * company; <code>false</code> otherwise 197 */ 198 public boolean isCompanyAdmin(); 199 200 /** 201 * Returns <code>true</code> if the user is an administrator of the company. 202 * 203 * @param companyId the primary key of the company 204 * @return <code>true</code> if the user is an administrator of the company; 205 * <code>false</code> otherwise 206 */ 207 public boolean isCompanyAdmin(long companyId); 208 209 /** 210 * Returns <code>true</code> if the user is a content reviewer or has 211 * sufficient permissions to review content (i.e. the user is a company or 212 * group administrator). 213 * 214 * @param companyId the primary key of the company 215 * @param groupId the primary key of the group 216 * @return <code>true</code> if the user is a reviewer or has sufficient 217 * permissions to review content; <code>false</code> otherwise 218 */ 219 public boolean isContentReviewer(long companyId, long groupId); 220 221 /** 222 * Returns <code>true</code> if the user is an administrator of the group. 223 * 224 * @param groupId the primary key of the group 225 * @return <code>true</code> if the user is an administrator of the group; 226 * <code>false</code> otherwise 227 */ 228 public boolean isGroupAdmin(long groupId); 229 230 /** 231 * Returns <code>true</code> if the user is a member of the group. 232 * 233 * @param groupId the primary key of the group 234 * @return <code>true</code> if the user is a member of the group; 235 * <code>false</code> otherwise 236 */ 237 public boolean isGroupMember(long groupId); 238 239 /** 240 * Returns <code>true</code> if the user is the owner of the group. 241 * 242 * @param groupId the primary key of the group 243 * @return <code>true</code> if the user is the owner of the group; 244 * <code>false</code> otherwise 245 */ 246 public boolean isGroupOwner(long groupId); 247 248 /** 249 * Returns <code>true</code> if the user is a universal administrator. 250 * 251 * @return <code>true</code> if the user is a universal administrator; 252 * <code>false</code> otherwise 253 * @see com.liferay.portlet.admin.util.OmniadminUtil 254 */ 255 public boolean isOmniadmin(); 256 257 /** 258 * Returns <code>true</code> if the user is an administrator of the 259 * organization. 260 * 261 * @param organizationId the primary key of the organization 262 * @return <code>true</code> if the user is an administrator of the 263 * organization; <code>false</code> otherwise 264 */ 265 public boolean isOrganizationAdmin(long organizationId); 266 267 /** 268 * Returns <code>true</code> if the user is an owner of the organization. 269 * 270 * @param organizationId the primary key of the organization 271 * @return <code>true</code> if the user is an owner of the organization; 272 * <code>false</code> otherwise 273 */ 274 public boolean isOrganizationOwner(long organizationId); 275 276 /** 277 * Returns <code>true</code> if the user is signed in. 278 * 279 * @return <code>true</code> if the user is signed in; <code>false</code> 280 * otherwise 281 */ 282 public boolean isSignedIn(); 283 284 /** 285 * @deprecated As of 6.2.0, does nothing 286 */ 287 @Deprecated 288 public void resetValues(); 289 290 /** 291 * @deprecated As of 6.2.0, does nothing 292 */ 293 @Deprecated 294 public void setValues(PortletRequest portletRequest); 295 296 }