1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
12   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
14   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
15   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
16   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
17   * SOFTWARE.
18   */
19  
20  package com.liferay.portlet.shopping.service.permission;
21  
22  import com.liferay.portal.PortalException;
23  import com.liferay.portal.SystemException;
24  import com.liferay.portal.security.auth.PrincipalException;
25  import com.liferay.portal.security.permission.ActionKeys;
26  import com.liferay.portal.security.permission.PermissionChecker;
27  import com.liferay.portlet.shopping.model.ShoppingOrder;
28  import com.liferay.portlet.shopping.service.ShoppingOrderLocalServiceUtil;
29  
30  /**
31   * <a href="ShoppingOrderPermission.java.html"><b><i>View Source</i></b></a>
32   *
33   * @author Brian Wing Shun Chan
34   *
35   */
36  public class ShoppingOrderPermission {
37  
38      public static void check(
39              PermissionChecker permissionChecker, long groupId, long orderId,
40              String actionId)
41          throws PortalException, SystemException {
42  
43          if (!contains(permissionChecker, groupId, orderId, actionId)) {
44              throw new PrincipalException();
45          }
46      }
47  
48      public static void check(
49              PermissionChecker permissionChecker, long groupId,
50              ShoppingOrder order, String actionId)
51          throws PortalException {
52  
53          if (!contains(permissionChecker, groupId, order, actionId)) {
54              throw new PrincipalException();
55          }
56      }
57  
58      public static boolean contains(
59              PermissionChecker permissionChecker, long groupId, long orderId,
60              String actionId)
61          throws PortalException, SystemException {
62  
63          ShoppingOrder order =
64              ShoppingOrderLocalServiceUtil.getOrder(orderId);
65  
66          return contains(permissionChecker, groupId, order, actionId);
67      }
68  
69      public static boolean contains(
70          PermissionChecker permissionChecker, long groupId, ShoppingOrder order,
71          String actionId) {
72  
73          if (ShoppingPermission.contains(
74                  permissionChecker, groupId, ActionKeys.MANAGE_ORDERS)) {
75  
76              return true;
77          }
78          else {
79              if (permissionChecker.hasOwnerPermission(
80                      order.getCompanyId(), ShoppingOrder.class.getName(),
81                      order.getOrderId(), order.getUserId(), actionId)) {
82  
83                  return true;
84              }
85  
86              return permissionChecker.hasPermission(
87                  order.getGroupId(), ShoppingOrder.class.getName(),
88                  order.getOrderId(), actionId);
89          }
90      }
91  
92  }