001
014
015 package com.liferay.portlet.shopping.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.security.auth.PrincipalException;
019 import com.liferay.portal.security.permission.ActionKeys;
020 import com.liferay.portal.security.permission.PermissionChecker;
021 import com.liferay.portlet.shopping.model.ShoppingOrder;
022 import com.liferay.portlet.shopping.service.ShoppingOrderLocalServiceUtil;
023
024
027 public class ShoppingOrderPermission {
028
029 public static void check(
030 PermissionChecker permissionChecker, long groupId, long orderId,
031 String actionId)
032 throws PortalException {
033
034 if (!contains(permissionChecker, groupId, orderId, actionId)) {
035 throw new PrincipalException();
036 }
037 }
038
039 public static void check(
040 PermissionChecker permissionChecker, long groupId,
041 ShoppingOrder order, String actionId)
042 throws PortalException {
043
044 if (!contains(permissionChecker, groupId, order, actionId)) {
045 throw new PrincipalException();
046 }
047 }
048
049 public static boolean contains(
050 PermissionChecker permissionChecker, long groupId, long orderId,
051 String actionId)
052 throws PortalException {
053
054 ShoppingOrder order = ShoppingOrderLocalServiceUtil.getOrder(orderId);
055
056 return contains(permissionChecker, groupId, order, actionId);
057 }
058
059 public static boolean contains(
060 PermissionChecker permissionChecker, long groupId, ShoppingOrder order,
061 String actionId) {
062
063 if (ShoppingPermission.contains(
064 permissionChecker, groupId, ActionKeys.MANAGE_ORDERS)) {
065
066 return true;
067 }
068
069 if (permissionChecker.hasOwnerPermission(
070 order.getCompanyId(), ShoppingOrder.class.getName(),
071 order.getOrderId(), order.getUserId(), actionId)) {
072
073 return true;
074 }
075
076 return permissionChecker.hasPermission(
077 order.getGroupId(), ShoppingOrder.class.getName(),
078 order.getOrderId(), actionId);
079 }
080
081 }