001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.permission;
016    
017    import aQute.bnd.annotation.ProviderType;
018    
019    import com.liferay.portal.model.User;
020    
021    import java.util.List;
022    
023    import javax.portlet.PortletRequest;
024    
025    /**
026     * @author Brian Wing Shun Chan
027     */
028    @ProviderType
029    public interface PermissionChecker extends Cloneable {
030    
031            public static final long[] DEFAULT_ROLE_IDS = {};
032    
033            public PermissionChecker clone();
034    
035            /**
036             * Returns the primary key of the user's company.
037             *
038             * @return the primary key of the user's company
039             */
040            public long getCompanyId();
041    
042            public List<Long> getGuestResourceBlockIds(
043                    long companyId, long groupId, String name, String actionId);
044    
045            public List<Long> getOwnerResourceBlockIds(
046                    long companyId, long groupId, String name, String actionId);
047    
048            /**
049             * Returns the primary key of the owner role. This role is automatically
050             * given to the creator of a resource.
051             *
052             * @return the primary key of the owner role
053             */
054            public long getOwnerRoleId();
055    
056            public List<Long> getResourceBlockIds(
057                    long companyId, long groupId, long userId, String name,
058                    String actionId);
059    
060            /**
061             * Returns the primary keys of the roles the user has within the group.
062             *
063             * @param  userId the primary key of the user
064             * @param  groupId the primary key of the group
065             * @return the primary keys of the roles the user has within the group
066             */
067            public long[] getRoleIds(long userId, long groupId);
068    
069            public User getUser();
070    
071            /**
072             * Returns the primary key of the user.
073             *
074             * @return the primary key of the user
075             */
076            public long getUserId();
077    
078            /**
079             * Returns <code>true</code> if the user is the owner of the resource and
080             * has permission to perform the action.
081             *
082             * @param  companyId the primary key of the user's company
083             * @param  name the resource's name, which can be either a class name or a
084             *         portlet ID
085             * @param  primKey the primary key of the resource
086             * @param  ownerId the primary key of the resource's owner
087             * @param  actionId the action ID
088             * @return <code>true</code> if the user is the owner of the resource and
089             *         has permission to perform the action; <code>false</code>
090             *         otherwise
091             */
092            public boolean hasOwnerPermission(
093                    long companyId, String name, long primKey, long ownerId,
094                    String actionId);
095    
096            /**
097             * Returns <code>true</code> if the user is the owner of the resource and
098             * has permission to perform the action.
099             *
100             * @param  companyId the primary key of the user's company
101             * @param  name the resource's name, which can be either a class name or a
102             *         portlet ID
103             * @param  primKey the primary key of the resource
104             * @param  ownerId the primary key of the resource's owner
105             * @param  actionId the action ID
106             * @return <code>true</code> if the user is the owner of the resource and
107             *         has permission to perform the action; <code>false</code>
108             *         otherwise
109             */
110            public boolean hasOwnerPermission(
111                    long companyId, String name, String primKey, long ownerId,
112                    String actionId);
113    
114            /**
115             * Returns <code>true</code> if the user has permission to perform the
116             * action on the resource.
117             *
118             * @param  groupId the primary key of the group containing the resource
119             * @param  name the resource's name, which can be either a class name or a
120             *         portlet ID
121             * @param  primKey the primary key of the resource
122             * @param  actionId the action ID
123             * @return <code>true</code> if the user has permission to perform the
124             *         action on the resource; <code>false</code> otherwise
125             */
126            public boolean hasPermission(
127                    long groupId, String name, long primKey, String actionId);
128    
129            /**
130             * Returns <code>true</code> if the user has permission to perform the
131             * action on the resource.
132             *
133             * @param  groupId the primary key of the group containing the resource
134             * @param  name the resource's name, which can be either a class name or a
135             *         portlet ID
136             * @param  primKey the primary key of the resource
137             * @param  actionId the action ID
138             * @return <code>true</code> if the user has permission to perform the
139             *         action on the resource; <code>false</code> otherwise
140             */
141            public boolean hasPermission(
142                    long groupId, String name, String primKey, String actionId);
143    
144            /**
145             * Returns <code>true</code> if the user has permission to perform the
146             * action on the resource without using guest permissions.
147             *
148             * @param  groupId the primary key of the group containing the resource
149             * @param  name the resource's name, which can be either a class name or a
150             *         portlet ID
151             * @param  primKey the primary key of the resource
152             * @param  actionId the action ID
153             * @param  checkAdmin whether to use permissions gained from administrator
154             *         roles
155             * @return <code>true</code> if the user has permission to perform the
156             *         action on the resource without using guest permissions;
157             *         <code>false</code> otherwise
158             */
159            public boolean hasUserPermission(
160                    long groupId, String name, String primKey, String actionId,
161                    boolean checkAdmin);
162    
163            /**
164             * Initializes this permission checker.
165             *
166             * @param user the current user
167             */
168            public void init(User user);
169    
170            /**
171             * Returns <code>true</code> if guest permissions will be used in permission
172             * checks.
173             *
174             * @return <code>true</code> if guest permissions will be used in permission
175             *         checks; <code>false</code> otherwise
176             */
177            public boolean isCheckGuest();
178    
179            /**
180             * @deprecated As of 6.1.0, renamed to {@link #isGroupAdmin(long)}
181             */
182            @Deprecated
183            public boolean isCommunityAdmin(long groupId);
184    
185            /**
186             * @deprecated As of 6.1.0, renamed to {@link #isGroupOwner(long)}
187             */
188            @Deprecated
189            public boolean isCommunityOwner(long groupId);
190    
191            /**
192             * Returns <code>true</code> if the user is an administrator of their
193             * company.
194             *
195             * @return <code>true</code> if the user is an administrator of their
196             *         company; <code>false</code> otherwise
197             */
198            public boolean isCompanyAdmin();
199    
200            /**
201             * Returns <code>true</code> if the user is an administrator of the company.
202             *
203             * @param  companyId the primary key of the company
204             * @return <code>true</code> if the user is an administrator of the company;
205             *         <code>false</code> otherwise
206             */
207            public boolean isCompanyAdmin(long companyId);
208    
209            /**
210             * Returns <code>true</code> if the user is a content reviewer or has
211             * sufficient permissions to review content (i.e. the user is a company or
212             * group administrator).
213             *
214             * @param  companyId the primary key of the company
215             * @param  groupId the primary key of the group
216             * @return <code>true</code> if the user is a reviewer or has sufficient
217             *         permissions to review content; <code>false</code> otherwise
218             */
219            public boolean isContentReviewer(long companyId, long groupId);
220    
221            /**
222             * Returns <code>true</code> if the user is an administrator of the group.
223             *
224             * @param  groupId the primary key of the group
225             * @return <code>true</code> if the user is an administrator of the group;
226             *         <code>false</code> otherwise
227             */
228            public boolean isGroupAdmin(long groupId);
229    
230            /**
231             * Returns <code>true</code> if the user is a member of the group.
232             *
233             * @param  groupId the primary key of the group
234             * @return <code>true</code> if the user is a member of the group;
235             *         <code>false</code> otherwise
236             */
237            public boolean isGroupMember(long groupId);
238    
239            /**
240             * Returns <code>true</code> if the user is the owner of the group.
241             *
242             * @param  groupId the primary key of the group
243             * @return <code>true</code> if the user is the owner of the group;
244             *         <code>false</code> otherwise
245             */
246            public boolean isGroupOwner(long groupId);
247    
248            /**
249             * Returns <code>true</code> if the user is a universal administrator.
250             *
251             * @return <code>true</code> if the user is a universal administrator;
252             *         <code>false</code> otherwise
253             * @see    com.liferay.portlet.admin.util.OmniadminUtil
254             */
255            public boolean isOmniadmin();
256    
257            /**
258             * Returns <code>true</code> if the user is an administrator of the
259             * organization.
260             *
261             * @param  organizationId the primary key of the organization
262             * @return <code>true</code> if the user is an administrator of the
263             *         organization; <code>false</code> otherwise
264             */
265            public boolean isOrganizationAdmin(long organizationId);
266    
267            /**
268             * Returns <code>true</code> if the user is an owner of the organization.
269             *
270             * @param  organizationId the primary key of the organization
271             * @return <code>true</code> if the user is an owner of the organization;
272             *         <code>false</code> otherwise
273             */
274            public boolean isOrganizationOwner(long organizationId);
275    
276            /**
277             * Returns <code>true</code> if the user is signed in.
278             *
279             * @return <code>true</code> if the user is signed in; <code>false</code>
280             *         otherwise
281             */
282            public boolean isSignedIn();
283    
284            /**
285             * @deprecated As of 6.2.0, does nothing
286             */
287            @Deprecated
288            public void resetValues();
289    
290            /**
291             * @deprecated As of 6.2.0, does nothing
292             */
293            @Deprecated
294            public void setValues(PortletRequest portletRequest);
295    
296    }