1
19
20 package com.liferay.portal.service.permission;
21
22 import com.liferay.portal.kernel.log.Log;
23 import com.liferay.portal.kernel.log.LogFactoryUtil;
24 import com.liferay.portal.model.User;
25 import com.liferay.portal.security.auth.PrincipalException;
26 import com.liferay.portal.security.permission.ActionKeys;
27 import com.liferay.portal.security.permission.PermissionChecker;
28 import com.liferay.portal.service.UserLocalServiceUtil;
29 import com.liferay.portal.util.PropsValues;
30
31
38 public class UserPermissionImpl implements UserPermission {
39
40 public void check(
41 PermissionChecker permissionChecker, long userId, String actionId)
42 throws PrincipalException {
43
44 if (!contains(permissionChecker, userId, actionId)) {
45 throw new PrincipalException();
46 }
47 }
48
49
52 public void check(
53 PermissionChecker permissionChecker, long userId,
54 long organizationId, long locationId, String actionId)
55 throws PrincipalException {
56
57 check(
58 permissionChecker, userId, new long[] {organizationId, locationId},
59 actionId);
60 }
61
62 public void check(
63 PermissionChecker permissionChecker, long userId,
64 long[] organizationIds, String actionId)
65 throws PrincipalException {
66
67 if (!contains(
68 permissionChecker, userId, organizationIds, actionId)) {
69
70 throw new PrincipalException();
71 }
72 }
73
74 public boolean contains(
75 PermissionChecker permissionChecker, long userId, String actionId) {
76
77 return contains(permissionChecker, userId, null, actionId);
78 }
79
80
83 public boolean contains(
84 PermissionChecker permissionChecker, long userId, long organizationId,
85 long locationId, String actionId) {
86
87 return contains(
88 permissionChecker, userId, new long[] {organizationId, locationId},
89 actionId);
90 }
91
92 public boolean contains(
93 PermissionChecker permissionChecker, long userId,
94 long[] organizationIds, String actionId) {
95
96 if (((PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) &&
97 (permissionChecker.hasOwnerPermission(
98 permissionChecker.getCompanyId(), User.class.getName(), userId,
99 userId, actionId))) ||
100 (permissionChecker.getUserId() == userId)) {
101
102 return true;
103 }
104 else if (permissionChecker.hasPermission(
105 0, User.class.getName(), userId, actionId)) {
106
107 return true;
108 }
109 else {
110 try {
111 if (organizationIds == null) {
112 User user = UserLocalServiceUtil.getUserById(userId);
113
114 organizationIds = user.getOrganizationIds();
115 }
116
117 for (int i = 0; i < organizationIds.length; i++) {
118 long organizationId = organizationIds[i];
119
120 if (OrganizationPermissionUtil.contains(
121 permissionChecker, organizationId,
122 ActionKeys.MANAGE_USERS)) {
123
124 return true;
125 }
126 }
127 }
128 catch (Exception e) {
129 _log.error(e, e);
130 }
131 }
132
133 return false;
134 }
135
136 private static Log _log = LogFactoryUtil.getLog(UserPermissionImpl.class);
137
138 }