1
19
20 package com.liferay.portlet.shopping.service.permission;
21
22 import com.liferay.portal.PortalException;
23 import com.liferay.portal.SystemException;
24 import com.liferay.portal.security.auth.PrincipalException;
25 import com.liferay.portal.security.permission.ActionKeys;
26 import com.liferay.portal.security.permission.PermissionChecker;
27 import com.liferay.portlet.shopping.model.ShoppingOrder;
28 import com.liferay.portlet.shopping.service.ShoppingOrderLocalServiceUtil;
29
30
36 public class ShoppingOrderPermission {
37
38 public static void check(
39 PermissionChecker permissionChecker, long groupId, long orderId,
40 String actionId)
41 throws PortalException, SystemException {
42
43 if (!contains(permissionChecker, groupId, orderId, actionId)) {
44 throw new PrincipalException();
45 }
46 }
47
48 public static void check(
49 PermissionChecker permissionChecker, long groupId,
50 ShoppingOrder order, String actionId)
51 throws PortalException {
52
53 if (!contains(permissionChecker, groupId, order, actionId)) {
54 throw new PrincipalException();
55 }
56 }
57
58 public static boolean contains(
59 PermissionChecker permissionChecker, long groupId, long orderId,
60 String actionId)
61 throws PortalException, SystemException {
62
63 ShoppingOrder order =
64 ShoppingOrderLocalServiceUtil.getOrder(orderId);
65
66 return contains(permissionChecker, groupId, order, actionId);
67 }
68
69 public static boolean contains(
70 PermissionChecker permissionChecker, long groupId, ShoppingOrder order,
71 String actionId) {
72
73 if (ShoppingPermission.contains(
74 permissionChecker, groupId, ActionKeys.MANAGE_ORDERS)) {
75
76 return true;
77 }
78 else {
79 if (permissionChecker.hasOwnerPermission(
80 order.getCompanyId(), ShoppingOrder.class.getName(),
81 order.getOrderId(), order.getUserId(), actionId)) {
82
83 return true;
84 }
85
86 return permissionChecker.hasPermission(
87 order.getGroupId(), ShoppingOrder.class.getName(),
88 order.getOrderId(), actionId);
89 }
90 }
91
92 }