1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portlet.messageboards.service.permission;
16  
17  import com.liferay.portal.kernel.exception.PortalException;
18  import com.liferay.portal.kernel.exception.SystemException;
19  import com.liferay.portal.security.auth.PrincipalException;
20  import com.liferay.portal.security.permission.ActionKeys;
21  import com.liferay.portal.security.permission.PermissionChecker;
22  import com.liferay.portal.util.PropsValues;
23  import com.liferay.portlet.messageboards.model.MBCategory;
24  import com.liferay.portlet.messageboards.model.MBCategoryConstants;
25  import com.liferay.portlet.messageboards.model.MBMessage;
26  import com.liferay.portlet.messageboards.model.MBThread;
27  import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
28  import com.liferay.portlet.messageboards.service.MBCategoryLocalServiceUtil;
29  import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
30  import com.liferay.portlet.messageboards.service.MBThreadLocalServiceUtil;
31  
32  /**
33   * <a href="MBMessagePermission.java.html"><b><i>View Source</i></b></a>
34   *
35   * @author Brian Wing Shun Chan
36   */
37  public class MBMessagePermission {
38  
39      public static void check(
40              PermissionChecker permissionChecker, long messageId,
41              String actionId)
42          throws PortalException, SystemException {
43  
44          if (!contains(permissionChecker, messageId, actionId)) {
45              throw new PrincipalException();
46          }
47      }
48  
49      public static void check(
50              PermissionChecker permissionChecker, MBMessage message,
51              String actionId)
52          throws PortalException, SystemException {
53  
54          if (!contains(permissionChecker, message, actionId)) {
55              throw new PrincipalException();
56          }
57      }
58  
59      public static boolean contains(
60              PermissionChecker permissionChecker, long messageId,
61              String actionId)
62          throws PortalException, SystemException {
63  
64          MBMessage message =  MBMessageLocalServiceUtil.getMessage(messageId);
65  
66          return contains(permissionChecker, message, actionId);
67      }
68  
69      public static boolean contains(
70              PermissionChecker permissionChecker, MBMessage message,
71              String actionId)
72          throws PortalException, SystemException {
73  
74          long groupId = message.getGroupId();
75  
76          if (MBBanLocalServiceUtil.hasBan(
77                  groupId, permissionChecker.getUserId())) {
78  
79              return false;
80          }
81  
82          long categoryId = message.getCategoryId();
83  
84          if ((categoryId != MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) &&
85              (categoryId != MBCategoryConstants.DISCUSSION_CATEGORY_ID)) {
86  
87              MBCategory category = MBCategoryLocalServiceUtil.getCategory(
88                  categoryId);
89  
90              if (PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
91                  if (!MBCategoryPermission.contains(
92                      permissionChecker, category, ActionKeys.VIEW)) {
93  
94                      return false;
95                  }
96              }
97          }
98  
99          MBThread thread = MBThreadLocalServiceUtil.getThread(
100             message.getThreadId());
101 
102         if (permissionChecker.hasOwnerPermission(
103                 message.getCompanyId(), MBMessage.class.getName(),
104                 thread.getRootMessageId(), message.getUserId(), actionId)) {
105 
106             return true;
107         }
108 
109         return permissionChecker.hasPermission(
110             groupId, MBMessage.class.getName(), thread.getRootMessageId(),
111             actionId);
112     }
113 
114 }