001
014
015 package com.liferay.portlet.journal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.portlet.PortletProvider;
019 import com.liferay.portal.kernel.portlet.PortletProviderUtil;
020 import com.liferay.portal.kernel.spring.osgi.OSGiBeanProperties;
021 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
022 import com.liferay.portal.security.auth.PrincipalException;
023 import com.liferay.portal.security.permission.ActionKeys;
024 import com.liferay.portal.security.permission.BaseModelPermissionChecker;
025 import com.liferay.portal.security.permission.PermissionChecker;
026 import com.liferay.portal.util.PropsValues;
027 import com.liferay.portlet.exportimport.staging.permission.StagingPermissionUtil;
028 import com.liferay.portlet.journal.NoSuchFolderException;
029 import com.liferay.portlet.journal.model.JournalArticle;
030 import com.liferay.portlet.journal.model.JournalFolder;
031 import com.liferay.portlet.journal.model.JournalFolderConstants;
032 import com.liferay.portlet.journal.service.JournalArticleLocalServiceUtil;
033 import com.liferay.portlet.journal.service.JournalFolderLocalServiceUtil;
034
035
039 @OSGiBeanProperties(
040 property = {
041 "model.class.name=com.liferay.portlet.journal.model.JournalArticle"
042 }
043 )
044 public class JournalArticlePermission implements BaseModelPermissionChecker {
045
046 public static void check(
047 PermissionChecker permissionChecker, JournalArticle article,
048 String actionId)
049 throws PortalException {
050
051 if (!contains(permissionChecker, article, actionId)) {
052 throw new PrincipalException();
053 }
054 }
055
056 public static void check(
057 PermissionChecker permissionChecker, long resourcePrimKey,
058 String actionId)
059 throws PortalException {
060
061 if (!contains(permissionChecker, resourcePrimKey, actionId)) {
062 throw new PrincipalException();
063 }
064 }
065
066 public static void check(
067 PermissionChecker permissionChecker, long groupId, String articleId,
068 double version, String actionId)
069 throws PortalException {
070
071 if (!contains(
072 permissionChecker, groupId, articleId, version, actionId)) {
073
074 throw new PrincipalException();
075 }
076 }
077
078 public static void check(
079 PermissionChecker permissionChecker, long groupId, String articleId,
080 int status, String actionId)
081 throws PortalException {
082
083 if (!contains(
084 permissionChecker, groupId, articleId, status, actionId)) {
085
086 throw new PrincipalException();
087 }
088 }
089
090 public static void check(
091 PermissionChecker permissionChecker, long groupId, String articleId,
092 String actionId)
093 throws PortalException {
094
095 if (!contains(permissionChecker, groupId, articleId, actionId)) {
096 throw new PrincipalException();
097 }
098 }
099
100 public static boolean contains(
101 PermissionChecker permissionChecker, JournalArticle article,
102 String actionId)
103 throws PortalException {
104
105 String portletId = PortletProviderUtil.getPortletId(
106 JournalArticle.class.getName(), PortletProvider.Action.EDIT);
107
108 Boolean hasPermission = StagingPermissionUtil.hasPermission(
109 permissionChecker, article.getGroupId(),
110 JournalArticle.class.getName(), article.getResourcePrimKey(),
111 portletId, actionId);
112
113 if (hasPermission != null) {
114 return hasPermission.booleanValue();
115 }
116
117 if (article.isDraft()) {
118 if (actionId.equals(ActionKeys.VIEW) &&
119 !contains(permissionChecker, article, ActionKeys.UPDATE)) {
120
121 return false;
122 }
123 }
124 else if (article.isPending()) {
125 hasPermission = WorkflowPermissionUtil.hasPermission(
126 permissionChecker, article.getGroupId(),
127 JournalArticle.class.getName(), article.getResourcePrimKey(),
128 actionId);
129
130 if (hasPermission != null) {
131 return hasPermission.booleanValue();
132 }
133 }
134
135 if (actionId.equals(ActionKeys.VIEW) &&
136 !PropsValues.JOURNAL_ARTICLE_VIEW_PERMISSION_CHECK_ENABLED) {
137
138 return true;
139 }
140
141 if (actionId.equals(ActionKeys.VIEW) &&
142 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
143
144 long folderId = article.getFolderId();
145
146 if (folderId == JournalFolderConstants.DEFAULT_PARENT_FOLDER_ID) {
147 if (!JournalPermission.contains(
148 permissionChecker, article.getGroupId(), actionId)) {
149
150 return false;
151 }
152 }
153 else {
154 try {
155 JournalFolder folder =
156 JournalFolderLocalServiceUtil.getFolder(folderId);
157
158 if (!JournalFolderPermission.contains(
159 permissionChecker, folder, ActionKeys.ACCESS) &&
160 !JournalFolderPermission.contains(
161 permissionChecker, folder, ActionKeys.VIEW)) {
162
163 return false;
164 }
165 }
166 catch (NoSuchFolderException nsfe) {
167 if (!article.isInTrash()) {
168 throw nsfe;
169 }
170 }
171 }
172 }
173
174 if (permissionChecker.hasOwnerPermission(
175 article.getCompanyId(), JournalArticle.class.getName(),
176 article.getResourcePrimKey(), article.getUserId(), actionId)) {
177
178 return true;
179 }
180
181 return permissionChecker.hasPermission(
182 article.getGroupId(), JournalArticle.class.getName(),
183 article.getResourcePrimKey(), actionId);
184 }
185
186 public static boolean contains(
187 PermissionChecker permissionChecker, long classPK, String actionId)
188 throws PortalException {
189
190 JournalArticle article =
191 JournalArticleLocalServiceUtil.fetchLatestArticle(classPK);
192
193 if (article == null) {
194 article = JournalArticleLocalServiceUtil.getArticle(classPK);
195 }
196
197 return contains(permissionChecker, article, actionId);
198 }
199
200 public static boolean contains(
201 PermissionChecker permissionChecker, long groupId, String articleId,
202 double version, String actionId)
203 throws PortalException {
204
205 JournalArticle article = JournalArticleLocalServiceUtil.getArticle(
206 groupId, articleId, version);
207
208 return contains(permissionChecker, article, actionId);
209 }
210
211 public static boolean contains(
212 PermissionChecker permissionChecker, long groupId, String articleId,
213 int status, String actionId)
214 throws PortalException {
215
216 JournalArticle article =
217 JournalArticleLocalServiceUtil.getLatestArticle(
218 groupId, articleId, status);
219
220 return contains(permissionChecker, article, actionId);
221 }
222
223 public static boolean contains(
224 PermissionChecker permissionChecker, long groupId, String articleId,
225 String actionId)
226 throws PortalException {
227
228 JournalArticle article = JournalArticleLocalServiceUtil.getArticle(
229 groupId, articleId);
230
231 return contains(permissionChecker, article, actionId);
232 }
233
234 @Override
235 public void checkBaseModel(
236 PermissionChecker permissionChecker, long groupId, long primaryKey,
237 String actionId)
238 throws PortalException {
239
240 check(permissionChecker, primaryKey, actionId);
241 }
242
243 }