1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portal.security.permission;
16  
17  import com.liferay.portal.kernel.exception.PortalException;
18  import com.liferay.portal.kernel.exception.SystemException;
19  import com.liferay.portal.model.Group;
20  import com.liferay.portal.model.Organization;
21  import com.liferay.portal.model.OrganizationConstants;
22  import com.liferay.portal.model.Role;
23  import com.liferay.portal.model.RoleConstants;
24  import com.liferay.portal.service.OrganizationLocalServiceUtil;
25  import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
26  import com.liferay.portal.service.permission.LayoutPrototypePermissionUtil;
27  import com.liferay.portal.service.permission.LayoutSetPrototypePermissionUtil;
28  
29  import java.util.Arrays;
30  import java.util.HashMap;
31  import java.util.List;
32  import java.util.Map;
33  
34  /**
35   * <a href="PermissionCheckerBagImpl.java.html"><b><i>View Source</i></b></a>
36   *
37   * @author Brian Wing Shun Chan
38   */
39  public class PermissionCheckerBagImpl implements PermissionCheckerBag {
40  
41      public PermissionCheckerBagImpl() {
42      }
43  
44      public PermissionCheckerBagImpl(
45          long userId, List<Group> userGroups, List<Organization> userOrgs,
46          List<Group> userOrgGroups, List<Group> userUserGroupGroups,
47          List<Group> groups, List<Role> roles) {
48  
49          _userId = userId;
50          _userGroups = userGroups;
51          _userOrgs = userOrgs;
52          _userOrgGroups = userOrgGroups;
53          _userUserGroupGroups = userUserGroupGroups;
54          _groups = groups;
55          _roles = roles;
56      }
57  
58      public List<Group> getUserGroups() {
59          return _userGroups;
60      }
61  
62      public List<Organization> getUserOrgs() {
63          return _userOrgs;
64      }
65  
66      public List<Group> getUserOrgGroups() {
67          return _userOrgGroups;
68      }
69  
70      public List<Group> getUserUserGroupGroups() {
71          return _userUserGroupGroups;
72      }
73  
74      public List<Group> getGroups() {
75          return _groups;
76      }
77  
78      public long[] getRoleIds() {
79          if (_roleIds == null) {
80              List<Role> roles = getRoles();
81  
82              long[] roleIds = new long[roles.size()];
83  
84              for (int i = 0; i < roles.size(); i++) {
85                  Role role = roles.get(i);
86  
87                  roleIds[i] = role.getRoleId();
88              }
89  
90              Arrays.sort(roleIds);
91  
92              _roleIds = roleIds;
93          }
94  
95          return _roleIds;
96      }
97  
98      public List<Role> getRoles() {
99          return _roles;
100     }
101 
102     public boolean isCommunityAdmin(
103             PermissionChecker permissionChecker, Group group)
104         throws Exception {
105 
106         Boolean value = _communityAdmins.get(group.getGroupId());
107 
108         if (value == null) {
109             value = Boolean.valueOf(
110                 isCommunityAdminImpl(permissionChecker, group));
111 
112             _communityAdmins.put(group.getGroupId(), value);
113         }
114 
115         return value.booleanValue();
116     }
117 
118     public boolean isCommunityOwner(
119             PermissionChecker permissionChecker, Group group)
120         throws Exception {
121 
122         Boolean value = _communityOwners.get(group.getGroupId());
123 
124         if (value == null) {
125             value = Boolean.valueOf(
126                 isCommunityOwnerImpl(permissionChecker, group));
127 
128             _communityOwners.put(group.getGroupId(), value);
129         }
130 
131         return value.booleanValue();
132     }
133 
134     protected boolean isCommunityAdminImpl(
135             PermissionChecker permissionChecker, Group group)
136         throws PortalException, SystemException {
137 
138         if (group.isCommunity()) {
139             if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
140                     _userId, group.getGroupId(),
141                     RoleConstants.COMMUNITY_ADMINISTRATOR, true) ||
142                 UserGroupRoleLocalServiceUtil.hasUserGroupRole(
143                     _userId, group.getGroupId(),
144                     RoleConstants.COMMUNITY_OWNER, true)) {
145 
146                 return true;
147             }
148         }
149         else if (group.isCompany()) {
150             if (permissionChecker.isCompanyAdmin()) {
151                 return true;
152             }
153             else {
154                 return false;
155             }
156         }
157         else if (group.isLayoutPrototype()) {
158             if (LayoutPrototypePermissionUtil.contains(
159                     permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
160 
161                 return true;
162             }
163             else {
164                 return false;
165             }
166         }
167         else if (group.isLayoutSetPrototype()) {
168             if (LayoutSetPrototypePermissionUtil.contains(
169                     permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
170 
171                 return true;
172             }
173             else {
174                 return false;
175             }
176         }
177         else if (group.isOrganization()) {
178             long organizationId = group.getClassPK();
179 
180             while (organizationId !=
181                         OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
182 
183                 Organization organization =
184                     OrganizationLocalServiceUtil.getOrganization(
185                         organizationId);
186 
187                 Group organizationGroup = organization.getGroup();
188 
189                 long organizationGroupId = organizationGroup.getGroupId();
190 
191                 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
192                         _userId, organizationGroupId,
193                         RoleConstants.ORGANIZATION_ADMINISTRATOR, true) ||
194                     UserGroupRoleLocalServiceUtil.hasUserGroupRole(
195                         _userId, organizationGroupId,
196                         RoleConstants.ORGANIZATION_OWNER, true)) {
197 
198                     return true;
199                 }
200 
201                 organizationId = organization.getParentOrganizationId();
202             }
203         }
204         else if (group.isUser()) {
205             long userId = group.getClassPK();
206 
207             if (userId == _userId) {
208                 return true;
209             }
210         }
211 
212         return false;
213     }
214 
215     protected boolean isCommunityOwnerImpl(
216             PermissionChecker permissionChecker, Group group)
217         throws PortalException, SystemException {
218 
219         if (group.isCommunity()) {
220             if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
221                     _userId, group.getGroupId(),
222                     RoleConstants.COMMUNITY_OWNER, true)) {
223 
224                 return true;
225             }
226         }
227         else if (group.isLayoutPrototype()) {
228             if (LayoutPrototypePermissionUtil.contains(
229                     permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
230 
231                 return true;
232             }
233             else {
234                 return false;
235             }
236         }
237         else if (group.isLayoutSetPrototype()) {
238             if (LayoutSetPrototypePermissionUtil.contains(
239                     permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
240 
241                 return true;
242             }
243             else {
244                 return false;
245             }
246         }
247         else if (group.isOrganization()) {
248             long organizationId = group.getClassPK();
249 
250             while (organizationId !=
251                         OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
252 
253                 Organization organization =
254                     OrganizationLocalServiceUtil.getOrganization(
255                         organizationId);
256 
257                 Group organizationGroup = organization.getGroup();
258 
259                 long organizationGroupId = organizationGroup.getGroupId();
260 
261                 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
262                         _userId, organizationGroupId,
263                         RoleConstants.ORGANIZATION_OWNER, true)) {
264 
265                     return true;
266                 }
267 
268                 organizationId = organization.getParentOrganizationId();
269             }
270         }
271         else if (group.isUser()) {
272             long userId = group.getClassPK();
273 
274             if (userId == _userId) {
275                 return true;
276             }
277         }
278 
279         return false;
280     }
281 
282     private long _userId;
283     private List<Group> _userGroups;
284     private List<Organization> _userOrgs;
285     private List<Group> _userOrgGroups;
286     private List<Group> _userUserGroupGroups;
287     private List<Group> _groups;
288     private long[] _roleIds;
289     private List<Role> _roles;
290     private Map<Long, Boolean> _communityAdmins = new HashMap<Long, Boolean>();
291     private Map<Long, Boolean> _communityOwners = new HashMap<Long, Boolean>();
292 
293 }