1
19
20 package com.liferay.portal.service.permission;
21
22 import com.liferay.portal.kernel.log.Log;
23 import com.liferay.portal.kernel.log.LogFactoryUtil;
24 import com.liferay.portal.model.User;
25 import com.liferay.portal.security.auth.PrincipalException;
26 import com.liferay.portal.security.permission.ActionKeys;
27 import com.liferay.portal.security.permission.PermissionChecker;
28 import com.liferay.portal.service.UserLocalServiceUtil;
29 import com.liferay.portal.util.PropsValues;
30
31
38 public class UserPermissionImpl implements UserPermission {
39
40 public void check(
41 PermissionChecker permissionChecker, long userId, String actionId)
42 throws PrincipalException {
43
44 if (!contains(permissionChecker, userId, actionId)) {
45 throw new PrincipalException();
46 }
47 }
48
49
52 public void check(
53 PermissionChecker permissionChecker, long userId,
54 long organizationId, long locationId, String actionId)
55 throws PrincipalException {
56
57 check(
58 permissionChecker, userId, new long[] {organizationId, locationId},
59 actionId);
60 }
61
62 public void check(
63 PermissionChecker permissionChecker, long userId,
64 long[] organizationIds, String actionId)
65 throws PrincipalException {
66
67 if (!contains(
68 permissionChecker, userId, organizationIds, actionId)) {
69
70 throw new PrincipalException();
71 }
72 }
73
74 public boolean contains(
75 PermissionChecker permissionChecker, long userId, String actionId) {
76
77 return contains(permissionChecker, userId, null, actionId);
78 }
79
80
83 public boolean contains(
84 PermissionChecker permissionChecker, long userId, long organizationId,
85 long locationId, String actionId) {
86
87 return contains(
88 permissionChecker, userId, new long[] {organizationId, locationId},
89 actionId);
90 }
91
92 public boolean contains(
93 PermissionChecker permissionChecker, long userId,
94 long[] organizationIds, String actionId) {
95
96 if (((PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5 ||
97 PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) &&
98 (permissionChecker.hasOwnerPermission(
99 permissionChecker.getCompanyId(), User.class.getName(), userId,
100 userId, actionId))) ||
101 (permissionChecker.getUserId() == userId)) {
102
103 return true;
104 }
105 else if (permissionChecker.hasPermission(
106 0, User.class.getName(), userId, actionId)) {
107
108 return true;
109 }
110 else {
111 try {
112 if (organizationIds == null) {
113 User user = UserLocalServiceUtil.getUserById(userId);
114
115 organizationIds = user.getOrganizationIds();
116 }
117
118 for (int i = 0; i < organizationIds.length; i++) {
119 long organizationId = organizationIds[i];
120
121 if (OrganizationPermissionUtil.contains(
122 permissionChecker, organizationId,
123 ActionKeys.MANAGE_USERS)) {
124
125 return true;
126 }
127 }
128 }
129 catch (Exception e) {
130 _log.error(e, e);
131 }
132 }
133
134 return false;
135 }
136
137 private static Log _log = LogFactoryUtil.getLog(UserPermissionImpl.class);
138
139 }