1
22
23 package com.liferay.portlet.shopping.service.permission;
24
25 import com.liferay.portal.PortalException;
26 import com.liferay.portal.SystemException;
27 import com.liferay.portal.security.auth.PrincipalException;
28 import com.liferay.portal.security.permission.ActionKeys;
29 import com.liferay.portal.security.permission.PermissionChecker;
30 import com.liferay.portlet.shopping.model.ShoppingOrder;
31 import com.liferay.portlet.shopping.service.ShoppingOrderLocalServiceUtil;
32
33
38 public class ShoppingOrderPermission {
39
40 public static void check(
41 PermissionChecker permissionChecker, long groupId, long orderId,
42 String actionId)
43 throws PortalException, SystemException {
44
45 if (!contains(permissionChecker, groupId, orderId, actionId)) {
46 throw new PrincipalException();
47 }
48 }
49
50 public static void check(
51 PermissionChecker permissionChecker, long groupId,
52 ShoppingOrder order, String actionId)
53 throws PortalException {
54
55 if (!contains(permissionChecker, groupId, order, actionId)) {
56 throw new PrincipalException();
57 }
58 }
59
60 public static boolean contains(
61 PermissionChecker permissionChecker, long groupId, long orderId,
62 String actionId)
63 throws PortalException, SystemException {
64
65 ShoppingOrder order =
66 ShoppingOrderLocalServiceUtil.getOrder(orderId);
67
68 return contains(permissionChecker, groupId, order, actionId);
69 }
70
71 public static boolean contains(
72 PermissionChecker permissionChecker, long groupId, ShoppingOrder order,
73 String actionId) {
74
75 if (ShoppingPermission.contains(
76 permissionChecker, groupId, ActionKeys.MANAGE_ORDERS)) {
77
78 return true;
79 }
80 else {
81 if (permissionChecker.hasOwnerPermission(
82 order.getCompanyId(), ShoppingOrder.class.getName(),
83 order.getOrderId(), order.getUserId(), actionId)) {
84
85 return true;
86 }
87
88 return permissionChecker.hasPermission(
89 order.getGroupId(), ShoppingOrder.class.getName(),
90 order.getOrderId(), actionId);
91 }
92 }
93
94 }