1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portlet.messageboards.service.permission;
16  
17  import com.liferay.portal.kernel.exception.PortalException;
18  import com.liferay.portal.kernel.exception.SystemException;
19  import com.liferay.portal.security.auth.PrincipalException;
20  import com.liferay.portal.security.permission.ActionKeys;
21  import com.liferay.portal.security.permission.PermissionChecker;
22  import com.liferay.portal.util.PropsValues;
23  import com.liferay.portlet.messageboards.model.MBCategory;
24  import com.liferay.portlet.messageboards.model.MBCategoryConstants;
25  import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
26  import com.liferay.portlet.messageboards.service.MBCategoryLocalServiceUtil;
27  
28  /**
29   * <a href="MBCategoryPermission.java.html"><b><i>View Source</i></b></a>
30   *
31   * @author Brian Wing Shun Chan
32   */
33  public class MBCategoryPermission {
34  
35      public static void check(
36              PermissionChecker permissionChecker, long groupId, long categoryId,
37              String actionId)
38          throws PortalException, SystemException {
39  
40          if (!contains(permissionChecker, groupId, categoryId, actionId)) {
41              throw new PrincipalException();
42          }
43      }
44  
45      public static void check(
46              PermissionChecker permissionChecker, MBCategory category,
47              String actionId)
48          throws PortalException, SystemException {
49  
50          if (!contains(permissionChecker, category, actionId)) {
51              throw new PrincipalException();
52          }
53      }
54  
55      public static boolean contains(
56              PermissionChecker permissionChecker, long groupId, long categoryId,
57              String actionId)
58          throws PortalException, SystemException {
59  
60          if ((categoryId == MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) ||
61              (categoryId == MBCategoryConstants.DISCUSSION_CATEGORY_ID)) {
62  
63              return MBPermission.contains(permissionChecker, groupId, actionId);
64          }
65          else {
66              MBCategory category = MBCategoryLocalServiceUtil.getCategory(
67                  categoryId);
68  
69              return contains(permissionChecker, category, actionId);
70          }
71      }
72  
73      public static boolean contains(
74              PermissionChecker permissionChecker, MBCategory category,
75              String actionId)
76          throws PortalException, SystemException {
77  
78          if (actionId.equals(ActionKeys.ADD_CATEGORY)) {
79              actionId = ActionKeys.ADD_SUBCATEGORY;
80          }
81  
82          if (MBBanLocalServiceUtil.hasBan(
83                  category.getGroupId(), permissionChecker.getUserId())) {
84  
85              return false;
86          }
87  
88          long categoryId = category.getCategoryId();
89  
90          if (actionId.equals(ActionKeys.VIEW)) {
91              while (categoryId !=
92                      MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) {
93  
94                  category = MBCategoryLocalServiceUtil.getCategory(categoryId);
95  
96                  categoryId = category.getParentCategoryId();
97  
98                  if (!permissionChecker.hasOwnerPermission(
99                          category.getCompanyId(), MBCategory.class.getName(),
100                         category.getCategoryId(), category.getUserId(),
101                         actionId) &&
102                     !permissionChecker.hasPermission(
103                         category.getGroupId(), MBCategory.class.getName(),
104                         category.getCategoryId(), actionId)) {
105 
106                     return false;
107                 }
108 
109                 if (!PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
110                     break;
111                 }
112             }
113 
114             return true;
115         }
116         else {
117             while (categoryId !=
118                     MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) {
119 
120                 if (permissionChecker.hasOwnerPermission(
121                         category.getCompanyId(), MBCategory.class.getName(),
122                         category.getCategoryId(), category.getUserId(),
123                         actionId)) {
124 
125                     return true;
126                 }
127 
128                 if (permissionChecker.hasPermission(
129                         category.getGroupId(), MBCategory.class.getName(),
130                         category.getCategoryId(), actionId)) {
131 
132                     return true;
133                 }
134 
135                 if (actionId.equals(ActionKeys.VIEW)) {
136                     break;
137                 }
138 
139                 category = MBCategoryLocalServiceUtil.getCategory(categoryId);
140 
141                 categoryId = category.getParentCategoryId();
142             }
143 
144             return false;
145         }
146     }
147 
148 }