1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
12   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
14   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
15   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
16   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
17   * SOFTWARE.
18   */
19  
20  package com.liferay.portlet.messageboards.service.permission;
21  
22  import com.liferay.portal.PortalException;
23  import com.liferay.portal.SystemException;
24  import com.liferay.portal.security.auth.PrincipalException;
25  import com.liferay.portal.security.permission.ActionKeys;
26  import com.liferay.portal.security.permission.PermissionChecker;
27  import com.liferay.portlet.messageboards.model.MBCategory;
28  import com.liferay.portlet.messageboards.model.impl.MBCategoryImpl;
29  import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
30  import com.liferay.portlet.messageboards.service.MBCategoryLocalServiceUtil;
31  
32  /**
33   * <a href="MBCategoryPermission.java.html"><b><i>View Source</i></b></a>
34   *
35   * @author Brian Wing Shun Chan
36   *
37   */
38  public class MBCategoryPermission {
39  
40      public static void check(
41              PermissionChecker permissionChecker, long groupId, long categoryId,
42              String actionId)
43          throws PortalException, SystemException {
44  
45          if (!contains(permissionChecker, groupId, categoryId, actionId)) {
46              throw new PrincipalException();
47          }
48      }
49  
50      public static void check(
51              PermissionChecker permissionChecker, long categoryId,
52              String actionId)
53          throws PortalException, SystemException {
54  
55          if (!contains(permissionChecker, categoryId, actionId)) {
56              throw new PrincipalException();
57          }
58      }
59  
60      public static void check(
61              PermissionChecker permissionChecker, MBCategory category,
62              String actionId)
63          throws PortalException, SystemException {
64  
65          if (!contains(permissionChecker, category, actionId)) {
66              throw new PrincipalException();
67          }
68      }
69  
70      public static boolean contains(
71              PermissionChecker permissionChecker, long groupId, long categoryId,
72              String actionId)
73          throws PortalException, SystemException {
74  
75          if (categoryId == MBCategoryImpl.DEFAULT_PARENT_CATEGORY_ID) {
76              return MBPermission.contains(permissionChecker, groupId, actionId);
77          }
78          else {
79              return contains(permissionChecker, categoryId, actionId);
80          }
81      }
82  
83      public static boolean contains(
84              PermissionChecker permissionChecker, long categoryId,
85              String actionId)
86          throws PortalException, SystemException {
87  
88          MBCategory category =
89              MBCategoryLocalServiceUtil.getCategory(categoryId);
90  
91          return contains(permissionChecker, category, actionId);
92      }
93  
94      public static boolean contains(
95              PermissionChecker permissionChecker, MBCategory category,
96              String actionId)
97          throws PortalException, SystemException {
98  
99          if (actionId.equals(ActionKeys.ADD_CATEGORY)) {
100             actionId = ActionKeys.ADD_SUBCATEGORY;
101         }
102 
103         if (MBBanLocalServiceUtil.hasBan(
104                 category.getGroupId(), permissionChecker.getUserId())) {
105 
106             return false;
107         }
108 
109         long categoryId = category.getCategoryId();
110 
111         while (categoryId != MBCategoryImpl.DEFAULT_PARENT_CATEGORY_ID) {
112             if (permissionChecker.hasOwnerPermission(
113                     category.getCompanyId(), MBCategory.class.getName(),
114                     category.getCategoryId(), category.getUserId(), actionId)) {
115 
116                 return true;
117             }
118 
119             if (permissionChecker.hasPermission(
120                     category.getGroupId(), MBCategory.class.getName(),
121                     category.getCategoryId(), actionId)) {
122 
123                 return true;
124             }
125 
126             if (actionId.equals(ActionKeys.VIEW)) {
127                 break;
128             }
129 
130             category = MBCategoryLocalServiceUtil.getCategory(categoryId);
131 
132             categoryId = category.getParentCategoryId();
133         }
134 
135         return false;
136     }
137 
138 }