1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
12   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
14   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
15   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
16   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
17   * SOFTWARE.
18   */
19  
20  package com.liferay.portal.service.permission;
21  
22  import com.liferay.portal.PortalException;
23  import com.liferay.portal.SystemException;
24  import com.liferay.portal.model.Group;
25  import com.liferay.portal.model.Organization;
26  import com.liferay.portal.security.auth.PrincipalException;
27  import com.liferay.portal.security.permission.ActionKeys;
28  import com.liferay.portal.security.permission.PermissionChecker;
29  import com.liferay.portal.service.GroupLocalServiceUtil;
30  import com.liferay.portal.service.OrganizationLocalServiceUtil;
31  
32  import java.util.List;
33  
34  /**
35   * <a href="GroupPermissionImpl.java.html"><b><i>View Source</i></b></a>
36   *
37   * @author Brian Wing Shun Chan
38   *
39   */
40  public class GroupPermissionImpl implements GroupPermission {
41  
42      public void check(
43              PermissionChecker permissionChecker, long groupId,
44              String actionId)
45          throws PortalException, SystemException {
46  
47          if (!contains(permissionChecker, groupId, actionId)) {
48              throw new PrincipalException();
49          }
50      }
51  
52      public boolean contains(
53              PermissionChecker permissionChecker, long groupId, String actionId)
54          throws PortalException, SystemException {
55  
56          Group group = GroupLocalServiceUtil.getGroup(groupId);
57  
58          if (group.isStagingGroup()) {
59              group = group.getLiveGroup();
60          }
61  
62          if (group.isOrganization()) {
63              long organizationId = group.getClassPK();
64  
65              return OrganizationPermissionUtil.contains(
66                  permissionChecker, organizationId, actionId);
67          }
68          else if (group.isUser()) {
69  
70              // An individual user would never reach this block because he would
71              // be an administrator of his own layouts. However, a user who
72              // manages a set of organizations may be modifying pages of a user
73              // he manages.
74  
75              long userId = group.getClassPK();
76  
77              List<Organization> organizations =
78                  OrganizationLocalServiceUtil.getUserOrganizations(userId);
79  
80              for (Organization organization : organizations) {
81                  if (OrganizationPermissionUtil.contains(
82                          permissionChecker, organization.getOrganizationId(),
83                          ActionKeys.MANAGE_USERS)) {
84  
85                      return true;
86                  }
87              }
88          }
89  
90          // Group id must be set so that users can modify their personal pages
91  
92          return permissionChecker.hasPermission(
93              groupId, Group.class.getName(), groupId, actionId);
94      }
95  
96  }