001
014
015 package com.liferay.portlet.documentlibrary.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.repository.model.Folder;
019 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
020 import com.liferay.portal.security.auth.PrincipalException;
021 import com.liferay.portal.security.permission.ActionKeys;
022 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
023 import com.liferay.portal.security.permission.PermissionChecker;
024 import com.liferay.portal.util.PortletKeys;
025 import com.liferay.portal.util.PropsValues;
026 import com.liferay.portlet.documentlibrary.NoSuchFolderException;
027 import com.liferay.portlet.documentlibrary.model.DLFolder;
028 import com.liferay.portlet.documentlibrary.model.DLFolderConstants;
029 import com.liferay.portlet.documentlibrary.service.DLAppLocalServiceUtil;
030 import com.liferay.portlet.documentlibrary.service.DLFolderLocalServiceUtil;
031 import com.liferay.portlet.exportimport.staging.permission.StagingPermissionUtil;
032
033
036 @OSGiBeanProperties(
037 property = {
038 "model.class.name=com.liferay.portlet.documentlibrary.model.DLFolder"
039 }
040 )
041 public class DLFolderPermission implements BaseModelPermissionChecker {
042
043 public static void check(
044 PermissionChecker permissionChecker, DLFolder dlFolder,
045 String actionId)
046 throws PortalException {
047
048 if (!contains(permissionChecker, dlFolder, actionId)) {
049 throw new PrincipalException();
050 }
051 }
052
053 public static void check(
054 PermissionChecker permissionChecker, Folder folder, String actionId)
055 throws PortalException {
056
057 if (!folder.containsPermission(permissionChecker, actionId)) {
058 throw new PrincipalException();
059 }
060 }
061
062 public static void check(
063 PermissionChecker permissionChecker, long groupId, long folderId,
064 String actionId)
065 throws PortalException {
066
067 if (!contains(permissionChecker, groupId, folderId, actionId)) {
068 throw new PrincipalException();
069 }
070 }
071
072 public static boolean contains(
073 PermissionChecker permissionChecker, DLFolder dlFolder,
074 String actionId)
075 throws PortalException {
076
077 if (actionId.equals(ActionKeys.ADD_FOLDER)) {
078 actionId = ActionKeys.ADD_SUBFOLDER;
079 }
080
081 Boolean hasPermission = StagingPermissionUtil.hasPermission(
082 permissionChecker, dlFolder.getGroupId(), DLFolder.class.getName(),
083 dlFolder.getFolderId(), PortletKeys.DOCUMENT_LIBRARY, actionId);
084
085 if (hasPermission != null) {
086 return hasPermission.booleanValue();
087 }
088
089 if (actionId.equals(ActionKeys.VIEW) &&
090 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
091
092 try {
093 long dlFolderId = dlFolder.getFolderId();
094
095 while (dlFolderId !=
096 DLFolderConstants.DEFAULT_PARENT_FOLDER_ID) {
097
098 dlFolder = DLFolderLocalServiceUtil.getFolder(dlFolderId);
099
100 if (!_hasPermission(
101 permissionChecker, dlFolder, actionId)) {
102
103 return false;
104 }
105
106 dlFolderId = dlFolder.getParentFolderId();
107 }
108 }
109 catch (NoSuchFolderException nsfe) {
110 if (!dlFolder.isInTrash()) {
111 throw nsfe;
112 }
113 }
114
115 return DLPermission.contains(
116 permissionChecker, dlFolder.getGroupId(), actionId);
117 }
118
119 return _hasPermission(permissionChecker, dlFolder, actionId);
120 }
121
122 public static boolean contains(
123 PermissionChecker permissionChecker, Folder folder, String actionId)
124 throws PortalException {
125
126 return folder.containsPermission(permissionChecker, actionId);
127 }
128
129 public static boolean contains(
130 PermissionChecker permissionChecker, long groupId, long folderId,
131 String actionId)
132 throws PortalException {
133
134 if (folderId == DLFolderConstants.DEFAULT_PARENT_FOLDER_ID) {
135
136
137
138
139 if (actionId.equals(ActionKeys.ACCESS) ||
140 actionId.equals(ActionKeys.ADD_SUBFOLDER) ||
141 actionId.equals(ActionKeys.DELETE)) {
142
143 return false;
144 }
145
146 return DLPermission.contains(permissionChecker, groupId, actionId);
147 }
148
149 Folder folder = DLAppLocalServiceUtil.getFolder(folderId);
150
151 return folder.containsPermission(permissionChecker, actionId);
152 }
153
154 @Override
155 public void checkBaseModel(
156 PermissionChecker permissionChecker, long groupId, long primaryKey,
157 String actionId)
158 throws PortalException {
159
160 check(permissionChecker, groupId, primaryKey, actionId);
161 }
162
163 private static boolean _hasPermission(
164 PermissionChecker permissionChecker, DLFolder dlFolder,
165 String actionId) {
166
167 if (permissionChecker.hasOwnerPermission(
168 dlFolder.getCompanyId(), DLFolder.class.getName(),
169 dlFolder.getFolderId(), dlFolder.getUserId(), actionId) ||
170 permissionChecker.hasPermission(
171 dlFolder.getGroupId(), DLFolder.class.getName(),
172 dlFolder.getFolderId(), actionId)) {
173
174 return true;
175 }
176
177 return false;
178 }
179
180 }