001
014
015 package com.liferay.portlet.messageboards.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
019 import com.liferay.portal.kernel.workflow.WorkflowInstance;
020 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
021 import com.liferay.portal.security.auth.PrincipalException;
022 import com.liferay.portal.security.permission.ActionKeys;
023 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
024 import com.liferay.portal.security.permission.BaseModelPermissionCheckerUtil;
025 import com.liferay.portal.security.permission.PermissionChecker;
026 import com.liferay.portal.security.permission.ResourceActionsUtil;
027 import com.liferay.portal.util.PortletKeys;
028 import com.liferay.portal.util.PropsValues;
029 import com.liferay.portlet.exportimport.staging.permission.StagingPermissionUtil;
030 import com.liferay.portlet.messageboards.model.MBDiscussion;
031 import com.liferay.portlet.messageboards.model.MBMessage;
032 import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
033 import com.liferay.portlet.messageboards.service.MBDiscussionLocalServiceUtil;
034 import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
035
036 import java.util.List;
037
038
043 @OSGiBeanProperties(
044 property = {
045 "model.class.name=com.liferay.portlet.messageboards.model.MBDiscussion"
046 }
047 )
048 public class MBDiscussionPermission implements BaseModelPermissionChecker {
049
050 public static void check(
051 PermissionChecker permissionChecker, long companyId, long groupId,
052 String className, long classPK, String actionId)
053 throws PortalException {
054
055 if (!contains(
056 permissionChecker, companyId, groupId, className, classPK,
057 actionId)) {
058
059 throw new PrincipalException();
060 }
061 }
062
063 public static void check(
064 PermissionChecker permissionChecker, long messageId,
065 String actionId)
066 throws PortalException {
067
068 if (!contains(permissionChecker, messageId, actionId)) {
069 throw new PrincipalException();
070 }
071 }
072
073 public static boolean contains(
074 PermissionChecker permissionChecker, long companyId, long groupId,
075 String className, long classPK, String actionId) {
076
077 if (MBBanLocalServiceUtil.hasBan(
078 groupId, permissionChecker.getUserId())) {
079
080 return false;
081 }
082
083 Boolean hasPermission = StagingPermissionUtil.hasPermission(
084 permissionChecker, groupId, className, classPK,
085 PortletKeys.MESSAGE_BOARDS, actionId);
086
087 if (hasPermission != null) {
088 return hasPermission.booleanValue();
089 }
090
091 List<String> resourceActions = ResourceActionsUtil.getResourceActions(
092 className);
093
094 if (!resourceActions.contains(actionId)) {
095 return true;
096 }
097
098 MBDiscussion mbDiscussion =
099 MBDiscussionLocalServiceUtil.fetchDiscussion(className, classPK);
100
101 if (mbDiscussion == null) {
102 return false;
103 }
104
105 if ((mbDiscussion.getUserId() > 0) &&
106 permissionChecker.hasOwnerPermission(
107 companyId, className, classPK, mbDiscussion.getUserId(),
108 actionId)) {
109
110 return true;
111 }
112
113 hasPermission =
114 BaseModelPermissionCheckerUtil.containsBaseModelPermission(
115 permissionChecker, groupId, className, classPK, actionId);
116
117 if (hasPermission != null) {
118 return hasPermission.booleanValue();
119 }
120
121 return permissionChecker.hasPermission(
122 groupId, className, classPK, actionId);
123 }
124
125 public static boolean contains(
126 PermissionChecker permissionChecker, long messageId,
127 String actionId)
128 throws PortalException {
129
130 MBMessage message = MBMessageLocalServiceUtil.getMessage(messageId);
131
132 String className = message.getClassName();
133
134 if (className.equals(WorkflowInstance.class.getName())) {
135 return permissionChecker.hasPermission(
136 message.getGroupId(), PortletKeys.WORKFLOW_DEFINITION,
137 message.getGroupId(), ActionKeys.VIEW);
138 }
139
140 if (PropsValues.DISCUSSION_COMMENTS_ALWAYS_EDITABLE_BY_OWNER &&
141 (permissionChecker.getUserId() == message.getUserId())) {
142
143 return true;
144 }
145
146 if (message.isPending()) {
147 Boolean hasPermission = WorkflowPermissionUtil.hasPermission(
148 permissionChecker, message.getGroupId(),
149 message.getWorkflowClassName(), message.getMessageId(),
150 actionId);
151
152 if (hasPermission != null) {
153 return hasPermission.booleanValue();
154 }
155 }
156
157 return contains(
158 permissionChecker, message.getCompanyId(), message.getGroupId(),
159 className, message.getClassPK(), actionId);
160 }
161
162 @Override
163 public void checkBaseModel(
164 PermissionChecker permissionChecker, long groupId, long primaryKey,
165 String actionId)
166 throws PortalException {
167
168 MBDiscussion mbDiscussion =
169 MBDiscussionLocalServiceUtil.getMBDiscussion(primaryKey);
170
171 check(
172 permissionChecker, mbDiscussion.getCompanyId(), groupId,
173 mbDiscussion.getClassName(), mbDiscussion.getClassPK(), actionId);
174 }
175
176 }