1
14
15 package com.liferay.portal.security.permission;
16
17 import com.liferay.portal.kernel.exception.PortalException;
18 import com.liferay.portal.kernel.exception.SystemException;
19 import com.liferay.portal.model.Group;
20 import com.liferay.portal.model.Organization;
21 import com.liferay.portal.model.OrganizationConstants;
22 import com.liferay.portal.model.Role;
23 import com.liferay.portal.model.RoleConstants;
24 import com.liferay.portal.service.OrganizationLocalServiceUtil;
25 import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
26 import com.liferay.portal.service.permission.LayoutPrototypePermissionUtil;
27 import com.liferay.portal.service.permission.LayoutSetPrototypePermissionUtil;
28
29 import java.util.Arrays;
30 import java.util.HashMap;
31 import java.util.List;
32 import java.util.Map;
33
34
39 public class PermissionCheckerBagImpl implements PermissionCheckerBag {
40
41 public PermissionCheckerBagImpl() {
42 }
43
44 public PermissionCheckerBagImpl(
45 long userId, List<Group> userGroups, List<Organization> userOrgs,
46 List<Group> userOrgGroups, List<Group> userUserGroupGroups,
47 List<Group> groups, List<Role> roles) {
48
49 _userId = userId;
50 _userGroups = userGroups;
51 _userOrgs = userOrgs;
52 _userOrgGroups = userOrgGroups;
53 _userUserGroupGroups = userUserGroupGroups;
54 _groups = groups;
55 _roles = roles;
56 }
57
58 public List<Group> getUserGroups() {
59 return _userGroups;
60 }
61
62 public List<Organization> getUserOrgs() {
63 return _userOrgs;
64 }
65
66 public List<Group> getUserOrgGroups() {
67 return _userOrgGroups;
68 }
69
70 public List<Group> getUserUserGroupGroups() {
71 return _userUserGroupGroups;
72 }
73
74 public List<Group> getGroups() {
75 return _groups;
76 }
77
78 public long[] getRoleIds() {
79 if (_roleIds == null) {
80 List<Role> roles = getRoles();
81
82 long[] roleIds = new long[roles.size()];
83
84 for (int i = 0; i < roles.size(); i++) {
85 Role role = roles.get(i);
86
87 roleIds[i] = role.getRoleId();
88 }
89
90 Arrays.sort(roleIds);
91
92 _roleIds = roleIds;
93 }
94
95 return _roleIds;
96 }
97
98 public List<Role> getRoles() {
99 return _roles;
100 }
101
102 public boolean isCommunityAdmin(
103 PermissionChecker permissionChecker, Group group)
104 throws Exception {
105
106 Boolean value = _communityAdmins.get(group.getGroupId());
107
108 if (value == null) {
109 value = Boolean.valueOf(
110 isCommunityAdminImpl(permissionChecker, group));
111
112 _communityAdmins.put(group.getGroupId(), value);
113 }
114
115 return value.booleanValue();
116 }
117
118 public boolean isCommunityOwner(
119 PermissionChecker permissionChecker, Group group)
120 throws Exception {
121
122 Boolean value = _communityOwners.get(group.getGroupId());
123
124 if (value == null) {
125 value = Boolean.valueOf(
126 isCommunityOwnerImpl(permissionChecker, group));
127
128 _communityOwners.put(group.getGroupId(), value);
129 }
130
131 return value.booleanValue();
132 }
133
134 protected boolean isCommunityAdminImpl(
135 PermissionChecker permissionChecker, Group group)
136 throws PortalException, SystemException {
137
138 if (group.isCommunity()) {
139 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
140 _userId, group.getGroupId(),
141 RoleConstants.COMMUNITY_ADMINISTRATOR, true) ||
142 UserGroupRoleLocalServiceUtil.hasUserGroupRole(
143 _userId, group.getGroupId(),
144 RoleConstants.COMMUNITY_OWNER, true)) {
145
146 return true;
147 }
148 }
149 else if (group.isCompany()) {
150 if (permissionChecker.isCompanyAdmin()) {
151 return true;
152 }
153 else {
154 return false;
155 }
156 }
157 else if (group.isLayoutPrototype()) {
158 if (LayoutPrototypePermissionUtil.contains(
159 permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
160
161 return true;
162 }
163 else {
164 return false;
165 }
166 }
167 else if (group.isLayoutSetPrototype()) {
168 if (LayoutSetPrototypePermissionUtil.contains(
169 permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
170
171 return true;
172 }
173 else {
174 return false;
175 }
176 }
177 else if (group.isOrganization()) {
178 long organizationId = group.getClassPK();
179
180 while (organizationId !=
181 OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
182
183 Organization organization =
184 OrganizationLocalServiceUtil.getOrganization(
185 organizationId);
186
187 Group organizationGroup = organization.getGroup();
188
189 long organizationGroupId = organizationGroup.getGroupId();
190
191 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
192 _userId, organizationGroupId,
193 RoleConstants.ORGANIZATION_ADMINISTRATOR, true) ||
194 UserGroupRoleLocalServiceUtil.hasUserGroupRole(
195 _userId, organizationGroupId,
196 RoleConstants.ORGANIZATION_OWNER, true)) {
197
198 return true;
199 }
200
201 organizationId = organization.getParentOrganizationId();
202 }
203 }
204 else if (group.isUser()) {
205 long userId = group.getClassPK();
206
207 if (userId == _userId) {
208 return true;
209 }
210 }
211
212 return false;
213 }
214
215 protected boolean isCommunityOwnerImpl(
216 PermissionChecker permissionChecker, Group group)
217 throws PortalException, SystemException {
218
219 if (group.isCommunity()) {
220 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
221 _userId, group.getGroupId(),
222 RoleConstants.COMMUNITY_OWNER, true)) {
223
224 return true;
225 }
226 }
227 else if (group.isLayoutPrototype()) {
228 if (LayoutPrototypePermissionUtil.contains(
229 permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
230
231 return true;
232 }
233 else {
234 return false;
235 }
236 }
237 else if (group.isLayoutSetPrototype()) {
238 if (LayoutSetPrototypePermissionUtil.contains(
239 permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
240
241 return true;
242 }
243 else {
244 return false;
245 }
246 }
247 else if (group.isOrganization()) {
248 long organizationId = group.getClassPK();
249
250 while (organizationId !=
251 OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
252
253 Organization organization =
254 OrganizationLocalServiceUtil.getOrganization(
255 organizationId);
256
257 Group organizationGroup = organization.getGroup();
258
259 long organizationGroupId = organizationGroup.getGroupId();
260
261 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
262 _userId, organizationGroupId,
263 RoleConstants.ORGANIZATION_OWNER, true)) {
264
265 return true;
266 }
267
268 organizationId = organization.getParentOrganizationId();
269 }
270 }
271 else if (group.isUser()) {
272 long userId = group.getClassPK();
273
274 if (userId == _userId) {
275 return true;
276 }
277 }
278
279 return false;
280 }
281
282 private long _userId;
283 private List<Group> _userGroups;
284 private List<Organization> _userOrgs;
285 private List<Group> _userOrgGroups;
286 private List<Group> _userUserGroupGroups;
287 private List<Group> _groups;
288 private long[] _roleIds;
289 private List<Role> _roles;
290 private Map<Long, Boolean> _communityAdmins = new HashMap<Long, Boolean>();
291 private Map<Long, Boolean> _communityOwners = new HashMap<Long, Boolean>();
292
293 }