001
014
015 package com.liferay.portlet.journal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.portlet.PortletProvider;
019 import com.liferay.portal.kernel.portlet.PortletProviderUtil;
020 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
021 import com.liferay.portal.security.auth.PrincipalException;
022 import com.liferay.portal.security.permission.ActionKeys;
023 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
024 import com.liferay.portal.security.permission.PermissionChecker;
025 import com.liferay.portal.util.PropsValues;
026 import com.liferay.portlet.exportimport.staging.permission.StagingPermissionUtil;
027 import com.liferay.portlet.journal.NoSuchFolderException;
028 import com.liferay.portlet.journal.model.JournalArticle;
029 import com.liferay.portlet.journal.model.JournalFolder;
030 import com.liferay.portlet.journal.model.JournalFolderConstants;
031 import com.liferay.portlet.journal.service.JournalFolderLocalServiceUtil;
032
033
037 @OSGiBeanProperties(
038 property = {
039 "model.class.name=com.liferay.portlet.journal.model.JournalFolder"
040 }
041 )
042 public class JournalFolderPermission implements BaseModelPermissionChecker {
043
044 public static void check(
045 PermissionChecker permissionChecker, JournalFolder folder,
046 String actionId)
047 throws PortalException {
048
049 if (!contains(permissionChecker, folder, actionId)) {
050 throw new PrincipalException();
051 }
052 }
053
054 public static void check(
055 PermissionChecker permissionChecker, long groupId, long folderId,
056 String actionId)
057 throws PortalException {
058
059 if (!contains(permissionChecker, groupId, folderId, actionId)) {
060 throw new PrincipalException();
061 }
062 }
063
064 public static boolean contains(
065 PermissionChecker permissionChecker, JournalFolder folder,
066 String actionId)
067 throws PortalException {
068
069 String portletId = PortletProviderUtil.getPortletId(
070 JournalArticle.class.getName(), PortletProvider.Action.EDIT);
071
072 if (actionId.equals(ActionKeys.ADD_FOLDER)) {
073 actionId = ActionKeys.ADD_SUBFOLDER;
074 }
075
076 Boolean hasPermission = StagingPermissionUtil.hasPermission(
077 permissionChecker, folder.getGroupId(),
078 JournalFolder.class.getName(), folder.getFolderId(), portletId,
079 actionId);
080
081 if (hasPermission != null) {
082 return hasPermission.booleanValue();
083 }
084
085 if (actionId.equals(ActionKeys.VIEW) &&
086 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
087
088 try {
089 long folderId = folder.getFolderId();
090
091 while (folderId !=
092 JournalFolderConstants.DEFAULT_PARENT_FOLDER_ID) {
093
094 folder = JournalFolderLocalServiceUtil.getFolder(folderId);
095
096 if (!_hasPermission(permissionChecker, folder, actionId)) {
097 return false;
098 }
099
100 folderId = folder.getParentFolderId();
101 }
102 }
103 catch (NoSuchFolderException nsfe) {
104 if (!folder.isInTrash()) {
105 throw nsfe;
106 }
107 }
108
109 return JournalPermission.contains(
110 permissionChecker, folder.getGroupId(), actionId);
111 }
112
113 return _hasPermission(permissionChecker, folder, actionId);
114 }
115
116 public static boolean contains(
117 PermissionChecker permissionChecker, long groupId, long folderId,
118 String actionId)
119 throws PortalException {
120
121 if (folderId == JournalFolderConstants.DEFAULT_PARENT_FOLDER_ID) {
122 return JournalPermission.contains(
123 permissionChecker, groupId, actionId);
124 }
125 else {
126 JournalFolder folder =
127 JournalFolderLocalServiceUtil.getJournalFolder(folderId);
128
129 return contains(permissionChecker, folder, actionId);
130 }
131 }
132
133 @Override
134 public void checkBaseModel(
135 PermissionChecker permissionChecker, long groupId, long primaryKey,
136 String actionId)
137 throws PortalException {
138
139 check(permissionChecker, groupId, primaryKey, actionId);
140 }
141
142 private static boolean _hasPermission(
143 PermissionChecker permissionChecker, JournalFolder folder,
144 String actionId) {
145
146 if (permissionChecker.hasOwnerPermission(
147 folder.getCompanyId(), JournalFolder.class.getName(),
148 folder.getFolderId(), folder.getUserId(), actionId) ||
149 permissionChecker.hasPermission(
150 folder.getGroupId(), JournalFolder.class.getName(),
151 folder.getFolderId(), actionId)) {
152
153 return true;
154 }
155
156 return false;
157 }
158
159 }