001
014
015 package com.liferay.portlet.messageboards.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
019 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
020 import com.liferay.portal.security.auth.PrincipalException;
021 import com.liferay.portal.security.permission.ActionKeys;
022 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
023 import com.liferay.portal.security.permission.PermissionChecker;
024 import com.liferay.portal.util.PortletKeys;
025 import com.liferay.portal.util.PropsValues;
026 import com.liferay.portlet.exportimport.staging.permission.StagingPermissionUtil;
027 import com.liferay.portlet.messageboards.NoSuchCategoryException;
028 import com.liferay.portlet.messageboards.model.MBCategory;
029 import com.liferay.portlet.messageboards.model.MBCategoryConstants;
030 import com.liferay.portlet.messageboards.model.MBMessage;
031 import com.liferay.portlet.messageboards.model.MBThread;
032 import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
033 import com.liferay.portlet.messageboards.service.MBCategoryLocalServiceUtil;
034 import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
035 import com.liferay.portlet.messageboards.service.MBThreadLocalServiceUtil;
036
037
040 @OSGiBeanProperties(
041 property = {
042 "model.class.name=com.liferay.portlet.messageboards.model.MBMessage"
043 }
044 )
045 public class MBMessagePermission implements BaseModelPermissionChecker {
046
047 public static void check(
048 PermissionChecker permissionChecker, long messageId,
049 String actionId)
050 throws PortalException {
051
052 if (!contains(permissionChecker, messageId, actionId)) {
053 throw new PrincipalException();
054 }
055 }
056
057 public static void check(
058 PermissionChecker permissionChecker, MBMessage message,
059 String actionId)
060 throws PortalException {
061
062 if (!contains(permissionChecker, message, actionId)) {
063 throw new PrincipalException();
064 }
065 }
066
067 public static boolean contains(
068 PermissionChecker permissionChecker, long classPK, String actionId)
069 throws PortalException {
070
071 MBThread mbThread = MBThreadLocalServiceUtil.fetchThread(classPK);
072
073 MBMessage message = null;
074
075 if (mbThread == null) {
076 message = MBMessageLocalServiceUtil.getMessage(classPK);
077 }
078 else {
079 message = MBMessageLocalServiceUtil.getMessage(
080 mbThread.getRootMessageId());
081 }
082
083 return contains(permissionChecker, message, actionId);
084 }
085
086 public static boolean contains(
087 PermissionChecker permissionChecker, MBMessage message,
088 String actionId)
089 throws PortalException {
090
091 if (MBBanLocalServiceUtil.hasBan(
092 message.getGroupId(), permissionChecker.getUserId())) {
093
094 return false;
095 }
096
097 Boolean hasPermission = StagingPermissionUtil.hasPermission(
098 permissionChecker, message.getGroupId(), MBMessage.class.getName(),
099 message.getMessageId(), PortletKeys.MESSAGE_BOARDS, actionId);
100
101 if (hasPermission != null) {
102 return hasPermission.booleanValue();
103 }
104
105 if (message.isDraft() || message.isScheduled()) {
106 if (actionId.equals(ActionKeys.VIEW) &&
107 !contains(permissionChecker, message, ActionKeys.UPDATE)) {
108
109 return false;
110 }
111 }
112 else if (message.isPending()) {
113 hasPermission = WorkflowPermissionUtil.hasPermission(
114 permissionChecker, message.getGroupId(),
115 message.getWorkflowClassName(), message.getMessageId(),
116 actionId);
117
118 if (hasPermission != null) {
119 return hasPermission.booleanValue();
120 }
121 }
122
123 if (actionId.equals(ActionKeys.VIEW) &&
124 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
125
126 long categoryId = message.getCategoryId();
127
128 if ((categoryId ==
129 MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) ||
130 (categoryId == MBCategoryConstants.DISCUSSION_CATEGORY_ID)) {
131
132 if (!MBPermission.contains(
133 permissionChecker, message.getGroupId(), actionId)) {
134
135 return false;
136 }
137 }
138 else {
139 try {
140 MBCategory category =
141 MBCategoryLocalServiceUtil.getCategory(categoryId);
142
143 if (!MBCategoryPermission.contains(
144 permissionChecker, category, actionId)) {
145
146 return false;
147 }
148 }
149 catch (NoSuchCategoryException nsce) {
150 if (!message.isInTrash()) {
151 throw nsce;
152 }
153 }
154 }
155 }
156
157 if (permissionChecker.hasOwnerPermission(
158 message.getCompanyId(), MBMessage.class.getName(),
159 message.getRootMessageId(), message.getUserId(), actionId)) {
160
161 return true;
162 }
163
164 return permissionChecker.hasPermission(
165 message.getGroupId(), MBMessage.class.getName(),
166 message.getMessageId(), actionId);
167 }
168
169 @Override
170 public void checkBaseModel(
171 PermissionChecker permissionChecker, long groupId, long primaryKey,
172 String actionId)
173 throws PortalException {
174
175 check(permissionChecker, primaryKey, actionId);
176 }
177
178 }