1
19
20 package com.liferay.portlet.shopping.service.permission;
21
22 import com.liferay.portal.PortalException;
23 import com.liferay.portal.SystemException;
24 import com.liferay.portal.security.auth.PrincipalException;
25 import com.liferay.portal.security.permission.ActionKeys;
26 import com.liferay.portal.security.permission.PermissionChecker;
27 import com.liferay.portal.service.permission.PortletPermissionUtil;
28 import com.liferay.portal.util.PortletKeys;
29 import com.liferay.portlet.shopping.model.ShoppingOrder;
30 import com.liferay.portlet.shopping.service.ShoppingOrderLocalServiceUtil;
31
32
38 public class ShoppingOrderPermission {
39
40 public static void check(
41 PermissionChecker permissionChecker, long plid, long orderId,
42 String actionId)
43 throws PortalException, SystemException {
44
45 if (!contains(permissionChecker, plid, orderId, actionId)) {
46 throw new PrincipalException();
47 }
48 }
49
50 public static void check(
51 PermissionChecker permissionChecker, long plid, ShoppingOrder order,
52 String actionId)
53 throws PortalException, SystemException {
54
55 if (!contains(permissionChecker, plid, order, actionId)) {
56 throw new PrincipalException();
57 }
58 }
59
60 public static boolean contains(
61 PermissionChecker permissionChecker, long plid, long orderId,
62 String actionId)
63 throws PortalException, SystemException {
64
65 ShoppingOrder order =
66 ShoppingOrderLocalServiceUtil.getOrder(orderId);
67
68 return contains(permissionChecker, plid, order, actionId);
69 }
70
71 public static boolean contains(
72 PermissionChecker permissionChecker, long plid, ShoppingOrder order,
73 String actionId)
74 throws PortalException, SystemException {
75
76 if (PortletPermissionUtil.contains(
77 permissionChecker, plid, PortletKeys.SHOPPING,
78 ActionKeys.MANAGE_ORDERS)) {
79
80 return true;
81 }
82 else {
83 if (permissionChecker.hasOwnerPermission(
84 order.getCompanyId(), ShoppingOrder.class.getName(),
85 order.getOrderId(), order.getUserId(), actionId)) {
86
87 return true;
88 }
89
90 return permissionChecker.hasPermission(
91 order.getGroupId(), ShoppingOrder.class.getName(),
92 order.getOrderId(), actionId);
93 }
94 }
95
96 }